Senators leave classified OPM brief wanting details

Senators gleaned little from a classified briefing the Obama administration held Tuesday night on the recent Office of Personnel Management (OPM) data breach that has exposed millions of federal workers’ information.

“There’s no more concrete answers to the questions about, when did you know and what did you do?” said Sen. Jerry Moran (R-Kan.), exiting the briefing. “And that still, in my view, needs to be answered.”

{mosads}Moran sits on a Senate subcommittee that heard testimony from OPM Director Katherine Archuleta Tuesday morning, who has been on the hot seat since a poorly received performance at a House hearing last week.

“Those questions that arose in this morning’s hearings were not answered in this afternoon’s classified briefing,” Moran said.

The White House is being roundly criticized on both sides of the aisle for its security shortcomings following revelations that the OPM was infiltrated not once, but twice, putting up to 18 million people’s information at risk.

“It is what it is,” said Sen. Dianne Feinstein (D-Calif.), the top Democrat on the Senate Intelligence Committee. “There’s a lot of distress over all of this. … There’s a lot of work to be done.”

The OPM has acknowledged both breaches, one of which occurred a year before it was recently discovered. Officials have said they expect hackers have stolen data on virtually all government workers, military and intelligence community personnel, government contractors, and even friends and family of federal employees. 

But the OPM has not given an estimate of the total number of people that could be at risk, nor has it explained exactly how either breach occurred. The White House has also declined to publicly accuse China for the intrusion, although officials have done so privately.

Archuleta declined to update senators on any of these details during a Tuesday morning hearing, and officials apparently weren’t more forthcoming in the Tuesday afternoon briefing, according to senators.

“No, no, no, nothing here that wasn’t in The New York Times, The Washington Post and the The Wall Street Journal,” said Senate Armed Services Chairman John McCain (R-Ariz.), leaving the briefing.

“It’s frustrating,” Moran said. “We want information.”

Department of Homeland Security Secretary Jeh Johnson and officials from the Office of the Director of National Intelligence led the briefing as well.

“I’m not [satisfied],” said Sen. Susan Collins (R-Maine), who sits on the Intel panel. “It is evident that OPM, which is the repository of so much sensitive information, failed to take basic steps to protect that information for many years.”

“It’s very disturbing,” she added.

It was the first Senate-wide briefing held for lawmakers since reports started surfacing that the breach might have encompassed more than four times as many people as the the 4.2 million the OPM initially predicted.

Much of Capitol Hill’s ire over the expanding incident has been directed toward Archuleta.

Shortly after the briefing, Sen. Steve Daines (R-Mont.), became the first senator to call for Archuleta’s resignation.

“Ms. Archuleta has refused to take accountability for this great failure — in turn failing the American people, whom she swore an oath to protect and defend,” Daines said in a statement. “Leadership starts at the top, and in light of this is an unprecedented theft of our citizens’ records, we must hold those in positions of responsibility accountable.”

Most senators leaving the briefing said they would wait until there are more details available.

“I  still don’t think we know exactly what’s going on,” said Sen. John Boozman (R-Ark.), chair of the Financial Services and General Government Subcommittee, which held Tuesday’s hearing.

Boozman said he expected to bring Archuleta and the OPM information technology (IT) staffers in for a second, more detailed classified briefing to discuss possible funding boosts for the agency.

During Tuesday’s hearing, Archuleta said her agency might submit a revised budget request for the 2016 fiscal year as a result of the massive data breach.

Boozman said “we would be very open to hearing that,” if OPM can prove an increase is necessary to “keep those records safe.”

The OPM FY 2016 budget already includes a request for $32 million more than the enacted level in FY 2015, most of which is dedicated to IT upgrade initiatives.

“We just need to keep digging on this stuff, find out more about this second breach,” Boozman added. “Talk to some of the people that are more truly IT people that look at things in a different perspective.”