The federal agency that stored, and lost, millions of current and former government employees’ sensitive files, fingerprints, and security clearances spent only a small fraction of what other federal agencies allocated for cybersecurity, according to a new report published by the House Oversight and Government Reform Committee on Wednesday.
The Office of Personnel Management breach, announced last June, involved the personal data of over 20 million individuals and was described by a former NSA senior official as “crown-jewels material.” The report was the conclusion of a year-long investigation following the breach.
The personnel agency spent just $2 million in 2015 to prevent malicious cyber activity, while the Department of Agriculture doled out $39 million. The departments of Commerce, Education, and Labor also spent more in this area. Among the categories of cybersecurity spending delineated by the committee — preventing malicious cyber activity, detecting, analyzing, and mitigating intrusions, and shaping the cybersecurity environment — only the Small Business Administration spent as little as OPM (although Small Business Administration spent more overall on cybersecurity).
OPM responded by saying the report does not actively reflect the progress the agency has made since the hack, and Rep. Elijah Cummings, D-Md., the ranking Democrat on the House Oversight Committee, insisted the report was flawed, in part because it failed to place blame on or otherwise account for the contractors involved in the agency’s cybersecurity. Additionally, an entirely new agency, the National Background Investigations Bureau, will now be in charge of the security clearance process.
More money doesn’t necessarily mean better security, however. According to analysis from the Mercatus Center at George Mason University published in January 2015, the government invested more money in cybersecurity, but failed to stem the increasing flow of cyber breaches.
Yet for an agency tasked with protecting sensitive personnel data, it didn’t appear to invest much in making sure adversaries couldn’t access its databases. The breach, according to many national security officials, will take years to recover from.
“Despite this high value information maintained by OPM, the agency failed to prioritize cybersecurity,” wrote the authors of the report, including Committee Chairman Rep. Jason Chaffetz, R-Utah, Rep. Mark Meadows, R-N.C., and Rep. Will Hurd, R-Texas.
See the chart depicting how much agencies spent on cyber in 2015 below:
IT’S EVEN WORSE THAN WE THOUGHT.
What we’re seeing right now from Donald Trump is a full-on authoritarian takeover of the U.S. government.
This is not hyperbole.
Court orders are being ignored. MAGA loyalists have been put in charge of the military and federal law enforcement agencies. The Department of Government Efficiency has stripped Congress of its power of the purse. News outlets that challenge Trump have been banished or put under investigation.
Yet far too many are still covering Trump’s assault on democracy like politics as usual, with flattering headlines describing Trump as “unconventional,” “testing the boundaries,” and “aggressively flexing power.”
The Intercept has long covered authoritarian governments, billionaire oligarchs, and backsliding democracies around the world. We understand the challenge we face in Trump and the vital importance of press freedom in defending democracy.
We’re independent of corporate interests. Will you help us?
IT’S BEEN A DEVASTATING year for journalism — the worst in modern U.S. history.
We have a president with utter contempt for truth aggressively using the government’s full powers to dismantle the free press. Corporate news outlets have cowered, becoming accessories in Trump’s project to create a post-truth America. Right-wing billionaires have pounced, buying up media organizations and rebuilding the information environment to their liking.
In this most perilous moment for democracy, The Intercept is fighting back. But to do so effectively, we need to grow.
That’s where you come in. Will you help us expand our reporting capacity in time to hit the ground running in 2026?
We’re independent of corporate interests. Will you help us?
I’M BEN MUESSIG, The Intercept’s editor-in-chief. It’s been a devastating year for journalism — the worst in modern U.S. history.
We have a president with utter contempt for truth aggressively using the government’s full powers to dismantle the free press. Corporate news outlets have cowered, becoming accessories in Trump’s project to create a post-truth America. Right-wing billionaires have pounced, buying up media organizations and rebuilding the information environment to their liking.
In this most perilous moment for democracy, The Intercept is fighting back. But to do so effectively, we need to grow.
That’s where you come in. Will you help us expand our reporting capacity in time to hit the ground running in 2026?
We’re independent of corporate interests. Will you help us?
Contact the author:
Latest Stories
CIA Ran MK-ULTRA Experiments on Prisoners of War in U.S. Custody, Declassified Docs Confirm
For the first time, documents confirm the CIA carried out tests on North Korean POWs and planned for much more invasive experimentation.
Kash Patel Got Arrested for Public Urination After a Night of Drinking
The FBI director was arrested twice in his youth for alcohol-related incidents that he said were “not representative of my usual conduct.”
Chilling Dissent
“We Knew They Were Paying Informants”: SPLC Donors Reject Trump DOJ Fraud Claims
Twenty donors to the Southern Poverty Law Center said the alleged “fraud” being prosecuted in their name was exactly how they hoped the group would spend their money.