Several lawmakers were frustrated with the information they gleaned from a classified briefing the administration held with House members Tuesday afternoon to discuss the massive federal hack that has shaken the government.
There was a level of anticipation about the session after Obama administration officials repeatedly declined to answer questions about the hack’s scope and damage during a House Oversight and Government Reform Committee hearing Tuesday morning, maintaining that the answers were better suited for a confidential setting.
{mosads}But following the meeting, members indicated there wasn’t much conclusive information about the ongoing investigation into the breach, which has potentially compromised the sensitive information of up to 14 million people working for the government, military, intelligence community and government contractors.
“Quite frankly, I didn’t hear much classified in the classified briefing,” House Oversight chairman Jason Chaffetz (R-Utah) told reporters, exiting the meeting. “There wasn’t a whole lot of information there.”
There also weren’t many lawmakers there.
“It was not as well attended as I would have liked it to be,” said Rep. Jim Langevin (D-R.I.), co-chair of the Congressional Cybersecurity Caucus. “The room, I’d say, was less than a quarter full.”
Officials from the hacked agency, the Office of Personnel Management (OPM), and the Department of Homeland Security were at the briefing.
In early June, the administration said it believed roughly 4 million federal workers’ records had been exposed by the compromise.
But officials acknowledged on Friday they had discovered a second breach, in which hackers made off with security clearance background check data on military and intelligence community personnel.
At Tuesday’s hearing, OPM officials would not speculate about whether the second hack would ultimately cause the total number of those affected to grow.
In the briefing, they were slightly more forthcoming, lawmakers indicated.
“Obviously they started at 4 million,” said House Homeland Security Chairman Michael McCaul (R-Texas). “That number is increasing.”
“Oh I think it’s significantly more than [4 million],” said Langevin, “especially if there’s other information that they have not yet come across that was also breached.”
But officials didn’t give any fresh details on the timeline of exactly when the suspected Chinese hackers got into the system for either hack.
When the first hack was announced, OPM officials said they believed cyberattackers had gotten into the system in December, before being discovered in April.
At Tuesday’s hearing, OPM Director Katherine Archuleta would only confirm that the agency “suspected” the intrusion “happened earlier, in 2014.”
There have been considerable rumblings that the inaugural compromise might have occurred much earlier than December.
“I think that’s a legitimate question,” Chaffetz said. “We did not get clarity as to when and how far [the hackers] reach was.”
Administration officials have also yet to say when the second hack occurred.
“No, no,” Chaffetz said. “And it’s not as if we got clarity on that.”
Langevin still thought the briefing was “very helpful,” cautioning, “they’re going to be looking at this for quite some time.”