Senator Carper Statement on Reported OPM Cyber Attack

WASHINGTON – Today, Sen. Tom Carper (D-Del.), Ranking Member of the Homeland Security and Governmental Affairs Committee, released the following statement in response to the Office of Personnel Management (OPM) detection of a cybersecurity incident potentially affecting personnel data for current and former federal employees:

“This latest report of a massive data breach at the Office of Personnel Management (OPM) is deeply troubling. Whether it is OPM or the Internal Revenue Service, all Americans deserve the peace of mind that the personal information they provide to the federal government is safe and secure from cyber theft. While the unauthorized release of any personal information is a cause for concern, I am encouraged by the reports that the Department of Homeland Security’s Einstein cybersecurity system played a key role in uncovering this serious cyber attack. OPM must do all that it can to improve its cybersecurity and help any potential victims of this data breach as quickly as possible.

“These types of attacks are growing at an alarming rate and continue to victimize and frustrate more and more of us. While our defenses are getting stronger, the attackers are getting more sophisticated. All agencies need to step up their efforts and improve their cybersecurity measures. This effort, however, must be a shared responsibility. Those of us here in Congress have an obligation to ensure that agencies have the funding, the tools, and the authority they need to adequately protect their systems from attack. This year, I introduced a cyber threat information sharing bill and have been working closely on this issue with our colleagues on the Senate Intelligence Committee. I have also been working closely with Senator Blunt on data breach legislation that will create a national standard for how we protect data and consumers. It is my hope that we can come together as a Congress to pass these two important pieces of legislation and provide our agencies with the resources they need to tackle the nation’s growing cyber threat.”

Earlier this year, Sen. Carper introduced the Cyber Threat Sharing Act of 2015, which would take critical steps to provide liability protections to increase the sharing of cyber threat data between private industry and the federal government. In April, he joined Sen. Roy Blunt (R-Mo.) to introduce the Data Security Act of 2015 (S.961), which would better protect consumers from identity theft and account fraud by establishing a clear set of national standards that would help the prevention of and response to data breaches at public and private institutions.

Last Congress, the Senate Homeland Security and Governmental Affairs Committee authored several cybersecurity bills, which the president signed into law in December. Those include the Federal Information Security Modernization Act (S.2521) to improve the security of federal networks, the National Cybersecurity Protection Act of 2014 (S.2519), which authorized the National Cybersecurity and Communications Integration Center at the Department of Homeland Security for information sharing, and two bills to improve the federal cybersecurity workforce — the Cybersecurity Workforce Assessment Act (H.R.2952) and the Border Patrol Pay Reform Act (S.1691) (which contains provisions from the DHS Cybersecurity Workforce Recruitment and Retention Act of 2014).