U.S. personnel management hack preventable, congressional probe finds

Source: Reuters

The U.S. Office of Personnel Management (OPM) did not follow rudimentary cyber security recommendations that could have mitigated or even prevented major attacks that compromised sensitive data belonging to more than 22 million people, a congressional investigation being released on Wednesday has found.

Two breaches at the federal agency detected in 2014 and 2015 were made worse by lax security culture and ineffective leadership, which failed to harness available tools that could have stopped or limited the intrusions, according to the report from the Republicans on the U.S. House of Representatives’ Committee on Oversight and Government Reform, a copy of which was seen by Reuters.

“The OPM data breach and the resulting generational national security consequences cannot happen again,” said Republican Representative Jason Chaffetz, the committee’s chairman, in the report.

The investigation faulted OPM - which manages employment matters for the federal government, including background checks for most agencies - for not moving more quickly to address early signs of an attack, allowing hackers to later siphon off reams of personnel data.

[font size=1]-snip-[/font]


Read more: http://www.reuters.com/article/us-usa-cyber-opm-idUSKCN11D0AM