NCSC says OPM hack exposing data of 21 million wasn't their responsibility

[InfoSec News <alerts () infosecnews org>]

http://www.theguardian.com/us-news/2015/sep/16/ncsc-opm-hack-wasnt-their-responsibility

By Sam Thielman
The Guardian
16 September 2015

One of the largest breaches of US government data in history is somebody 
else’s responsibility, counterintelligence officials told senator Ron 
Wyden in a formal letter passed to the Guardian on Wednesday.

The Democratic senator from Oregon last month submitted three questions to 
the National Counterintelligence and Security Center (NCSC) about the 
hacking earlier this year of the Office of Personnel Management (OPM), in 
which the personal information of 21 million people was exposed.

In August, Wyden asked whether the NCSC had identified as a security risk 
the OPM’s giant database of federal security clearances, which includes 
personal and identifying information as private as psychiatric evaluations 
and social security numbers.

Wyden also asked whether the NCSC had made any recommendations related to 
better securing the database, which retains data going back to 1985. The 
theft of the information exposed some 21 million current, former and 
prospective government employees and has been attributed to Chinese 
hackers by the US government. The placement of blame is at the forefront 
of many minds in the nation’s capital.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/