Cybersecurity

House Oversight chairman presses DHS for OPM hack info

House Oversight Committee Chairman Jason Chaffetz is not letting up on his campaign to get more information about the catastrophic breaches at the Office of Personnel Management (OPM).

The Utah Republican on Wednesday sent a letter to the U.S. Computer Emergency Readiness Team (US-CERT) requesting details on exactly when the OPM brought in US-CERT and what the team found when it examined the breached systems.

{mosads}OPM officials have said hackers infiltrated two agency databases, exposing over 22 million people’s sensitive data. One of the compromised databases contained the government’s security clearance forms with some of the most personal information the government manages.

These details came out through a slow drip over nearly two months and multiple congressional hearings. The Oversight Committee itself held three hearings between June and July.

“Even after these hearings, fundamental questions about the detection and the breach and OPM’s response remain,” said Chaffetz’s letter.

The Oversight chair is looking for exact dates on when the OPM contacted US-CERT, common practice following detection of a government breach. Housed within the Department of Homeland Security, US-CERT was created to respond to breaches, analyze cyber threats and disseminate tips on fighting hackers.

Chaffetz wants to see the US-CERT analysis of the OPM breach and what recommendations it made to the compromised agency.

The request is just the most recent in a series of letters Chaffetz has sent to various agencies following the OPM hack.

The chairman was one of the most vocal critics of OPM officials throughout the hearings.

Earlier this week, Chaffetz demanded the OPM turn over the network security guides that the agency said were exposed during its data breach.

He has also led the campaign to get top OPM officials fired for what he sees as a failure to responsibly respond to warnings about the OPM’s cybersecurity shortcomings.

Katherine Archuleta, the OPM director at the time of the breach, has already resigned under considerable pressure. But Chaffetz also wants Donna Seymour, the agency’s chief information officer, removed, accusing her of stymying the OPM’s inspector general in the wake of the hacks.