June 5, 2015

By Priscilla Alvarez.  National Journal.  June 5, 2015
Computer hacks that expose the personal information of about four million people are, objectively, pretty bad. The White House knows this, and said Friday that officials are investigating a breach that was revealed this week.
The risk to computers posed by hackers, however, is "not news," White House Press Secretary Josh Earnest said.
"The simple fact is that the threat we are facing is ever-evolving and that means that our defenses need to be ever evolving," he said. "So, to say that our computer systems in the federal government are at risk is not news."
He added: "We understand that there is a persistent risk out there. This is a risk, by the way, that's shared by the private sector."
The Office of Personnel Management said in a statement Thursday that a breach of its computer systems was detected in April and may have compromised the information of at least four million current and former federal employees. The intrusion occurred in December. OPM storespersonal information, such as addresses and Social Security numbers, and general employee information, including performance ratings.
According to media reports, federal authorities believe China is behind the cyberattack, marking the second intrusion into the government agency by Chinese hackers over the past year. A spokesman for the Chinese foreign ministry called the allegation "irresponsible."
Earnest did not say on Friday who was behind the cyberattack.
"I can't get into any conclusion that has been reached about who or what country may be responsible for this particular incident," he said.
Earnest faulted Congress for not advancing cybersecurity legislation. Last month, the Housepassed legislation that seeks to expand information sharing of cyberthreat data between the government and the private sector. The Senate has not voted on the measure.
"We need Congress to come out of the dark ages and join us in the 21st century to make sure we have the kinds of defenses necessary to protect a modern computer system," Earnest said.
OPM said Thursday that it will notify those whose information may have been compromised. The agency is offering credit monitoring services to employees to "mitigate the risk of fraud and identity theft."
The FBI is investigating the hack. "We take all potential threats to public- and private-sector systems seriously and will continue to investigate and hold accountable those who pose a threat in cyberspace," said FBI spokesman Joshua Campbell on Thursday.