China or not, USPS faces angry Congress over cyber intrusion

Regardless of whether it was China who broke into the United States Postal Service’s computers this fall, senior postal officials are certain to be grilled by Congress over their slow response to the intrusion.

Both Republicans and Democrats in the House said they were puzzled by why it took the agency until the weekend of Nov. 8 to begin repairs to the computers.

A USPS spokesman, David Partenheimer said “Acting too quickly could have caused more data to have been compromised.”

But members of Congress, who first had been briefed on the intrusion Oct. 27, were not buying the excuse.

House Oversight Chairman Darrell Issa, R-Calif., said he blamed the Obama administration for waiting “two months before making the news of this attack public and preventing victims from taking proactive measures to secure their own information.”

The Washington Post blamed China for the computer attacks, noting that the country had been linked to an attack on the federal agency that holds personnel records.

“They are just looking for big pots of data on government employees,” James A. Lewis, a cyberpolicy expert at the Center for Strategic and International Studies, told the Washington Post.

The New York Times said the Postal Service intrusion “seemed to have the signature of Chinese hackers.”

But it cautioned that “attributing attacks is difficult and the first indications are frequently inaccurate.”

Postal officials said they had been unable to detect any use of the postal data that appeared to have been compromised.

The agency announced the intrusion Nov. 10 in a news release that did not suggest who the villain was.

The announcement came as Obama began a trip to China.

“Information potentially compromised in the incident may include personally identifiable information about employees, including names, dates of birth, Social Security numbers, addresses, beginning and end dates of employment, emergency contact information and other information,” the announcement said.

Postmaster General Patrick R. Donahoe said in a statement that “It’s an unfortunate fact of life these days that every organization connected to the Internet is a constant target for cyber intrusion activity.

“The United States Postal Service is no different. Fortunately we have seen no evidence of malicious use of compromised data.”

Postal employees were offered a year of credit monitoring services at no charge.

The agency also said it believed that credit customers and partners do not need to take any actions as a result of the intrusion.

The statement by Chairman Issa and Rep. Blake Farenthold, R-Texas, warned that the Postal Service “must do a better job securing the information of the American public.”

It called the incident “a serious security breach that has put the personal information of Americans at risk.”

A letter from the ranking Democrat on the oversight committee indicated that Democrats also want to know more about the attacks and the Postal Service’s response to them.

Published 11/11/2014 8:50 AM