Press Releases

Beyer Requests SST Oversight Hearing on OPM Attack

f t # e
Washington, June 22, 2015 | comments

Congressman Don Beyer, Ranking Member on the House Committee on Science, Space, and Technology’s Subcommittee on Oversight, called for a Subcommittee hearing on the Office of Personnel Management (OPM) federal employee data breach in a letter to Committee Chairman Lamar Smith (R-TX) today. 

“More than two and a half weeks after the public learned of the attack, we still don’t have answers to many simple questions which are critical to federal employees and our national security,” said Rep. Beyer. “My constituents are angry and scared, and rightly so.  Every one of the current and former federal employees impacted by this breach has a right to know what happened to their personal data.”

Rep. Beyer’s Subcommittee oversees the National Institutes on Standards and Technology (NIST), the Commerce Department agency responsible for setting information security standards for civilian agencies.  His Northern Virginia Congressional District is home to nearly 77,000 federal employees.  

The full text of the letter follows:

 

June 22, 2015

 

Hon. Lamar Smith

House Committee on Science, Space, and Technology

Chairman

2321 Rayburn House Office Building

Washington, DC 20515

Mr. Chairman,

As you know, the Office of Personnel Management (OPM) was the target of a massive cybersecurity attack leading to the theft of millions of current and former federal employee’s personal information.  Information that was stolen appears to include the classified security clearance data for employees holding positions in the intelligence community and the military.  I am outraged that this happened, and I believe that the Congress should take all reasonable steps to both understand how this could have happened and support the changes necessary to ensure that nothing like it ever happens again.

I believe the Committee on Science, Space, and Technology can play a constructive role in this effort.  Our jurisdiction over the National Institutes on Standards and Technology (NIST), which has a key role in setting information security standards for civilian agencies, gives us ample scope to begin asking whether NIST should play a more expansive role in helping the Federal government do better moving forward.  Having NIST appear before the Committee to explain their progress in putting Federal Information Security Management Act standards in place, and what more NIST might do to identify agencies that have failed to comply with such standards and help insure that they do would be a positive step.

I am also very disturbed at reports that contractors working on the OPM IT system included foreign nationals, including individuals holding passports issued by the People’s Republic of China.[1]  One report alleges that a contractor from Argentina and another from China were working remotely from their home country and had system administrator root access permissions to OPM’s system.  Every agency of the government relies on contract employees to carry out IT work to keep our systems working.  I would encourage the Committee to look more closely at the reliance on foreign nationals and whether this is done in an appropriate way.

Finally, I believe the Committee should hear from a witness who can articulate the concerns of current and retired Federal employees about what the government might do to protect the privacy and safety of these victims. I have heard from many of my constituents of problems with the CSID website, including glitches and hours long waits for assistance. Someone from an organization like the American Federation of Government Employees could best articulate the kinds of dangers and concerns implicit in the OPM breach as well as addressing concerns regarding the speed and thoroughness of notifications and support in the weeks following the breach. 

Looking at the range of issues before the Congress, I believe the Committee could make a productive contribution to discussions on how to improve Federal cybersecurity by holding a hearing that touches on the matters I listed above.  Please feel free to contact me if you wish to discuss this request.

Sincerely,

___________________

Donald S. Beyer Jr.

Ranking Member, Oversight Subcommittee

Science, Space, and Technology

 

CC:

Hon. Eddie Bernice Johnson, Ranking Member, Committee on Science, Space, and Technology

Hon. Barry Loudermilk, Chairman, Subcommittee on Oversight, Committee on Science, Space, and Technology

f t # e