U.S. federal agencies refuse to testify about OPM hack

By Dustin Volz
The U.S. Office of Personnel Management building in Washington, June 5, 2015. REUTERS/Gary Cameron

By Dustin Volz

WASHINGTON (Reuters) - Officials from the U.S. government's personnel agency unexpectedly refused on Tuesday to attend a closed-door congressional briefing on their handling of a massive computer breach that affected more than 22 million federal workers.

The breach last year at the Office of Personnel Management (OPM) underscored Washington's online vulnerabilities amid threats from perpetrators ranging from foreign governments to terrorist groups and various amorphous hacktivist collectives.

OPM, the Department of Homeland Security and the Office of Management and Budget all declined to appear at the classified meeting due to concerns that the conversation would be transcribed, according to the House Armed Services Committee.

"They refused to come,” Mac Thornberry, the committee’s Republican chairman, told reporters on Capitol Hill. “I've never had anybody complain about it before."

The Department of Defense and members of the U.S. intelligence community testified as planned, Thornberry said.

In a joint statement on Tuesday afternoon, the three federal agencies said they have engaged in more than a dozen classified briefings and open hearings with Congress about the OPM hack.

"Unfortunately, we were unable to accommodate a last-minute change in the request today," the statement added.

OPM has been under intense scrutiny from lawmakers and the public ever since it disclosed earlier this year that it had fallen victim to two successive cyber attacks, which officials have privately linked to Chinese hackers.

The intrusions exposed sensitive personal information, including names, Social Security numbers and addresses of more than 22 million current and former federal employees and contractors, in addition to 5.6 million fingerprints.

“If they are unwilling to come and answer questions about the biggest national security data breach we've ever had, then that does not inspire greater confidence,” Thornberry said. “So I'm sure we will pursue the matter with them again.”

Adam Smith, the top Democrat on the committee, also said he was "disappointed" by the withdrawal.

Thornberry said his panel has had no problems safeguarding classified materials, suggesting that may have been OPM's and the other agencies' concern. "We do it every day (with) things that are a lot more highly classified than this," he said.

OPM Director Katherine Archuleta resigned in July amid furor regarding the agency’s cyber security practices. Last week, President Barack Obama nominated Beth Cobert, OPM’s acting director, to lead the agency.

Earlier this month, the agency told Reuters it had notified approximately one-fourth of the hacked victims, which it is doing by physical mail.

(Additional reporting by Idrees Ali; Editing by Kevin Drawbaugh and Jonathan Oatis)