- Sputnik International
World
Get the latest news from around the world, live coverage, off-beat stories, features and analysis.

Hacked US Agency Had Long History of Slack Security

© Flickr / Andrew CatellierAccording to media reports, US investigators believe Chinese hackers were responsible the security breach.
According to media reports, US investigators believe Chinese hackers were responsible the security breach. - Sputnik International
Subscribe
The US Office of Personnel Management (OPM) had a history of security failures before a data breach compromised millions of US federal workers’ personal data, according to the Assistant Inspector General for Audits Michael Esser said in US congressional testimony on Tuesday.

WASHINGTON (Sputnik) – The US Office of Personnel Management (OPM) had history of security requirement failures before a data breach compromised millions of US federal workers’ personal data, the Assistant Inspector General for Audits Michael Esser said in US congressional testimony on Tuesday.

"Many security controls went unimplemented and or remained untested, and OPM routinely failed a variety of FISMA [Federal Information Security Management Act] metrics year after year,” Esser said in a statement to the US House Committee on Oversight and Government Reform.

The inspector general added a decentralized governance structure led to “material weakness” in security at OPM.

NSA Headquarters, Fort Meade, MD. - Sputnik International
US Data Collection Stopped for Two Days and the World Didn’t End
Earlier this month, the OPM announced that a cybersecurity breach in April 2015 compromised the personal data of up to four million current and former federal employees.

Esser said that an audit of OPM revealed the agency did not have a centralized inventory of its servers and databases within its networks.

In 2014, he said, 21 of OPM’s information systems were due for a security assessment and authorization procedure, but had not been completed and proceeded to operate “without a valid authorization.”

Esser said the failure “represents a systemic issue of inadequate planning by OPM program offices to assess and authorize the information systems.”

According to media reports, US investigators believe Chinese hackers were responsible the security breach. China has denied the allegations.

The administration of US President Barack Obama has so far avoided blaming China for the attack.

OPM serves as the US government’s human resource department. Among its responsibilities is managing US federal pension benefits and conducting background investigations for security clearances.

Newsfeed
0
To participate in the discussion
log in or register
loader
Chats
Заголовок открываемого материала