The hearing was expected, as the committee’s top members have all pressed USPS for more information since the agency revealed on Monday a cyber attack that had exposed the information of 800,000 employees.
Oversight Committee Chair Darrell Issa (R-Calif.) said the Postal Service knew about the hack in September, but waited until late October to confidentially brief the committee.
USPS only told employees this week their personal information was at risk.
As PostalReporter reported on Monday:
The APWU is fully committed to defending the privacy rights of all our members. We have already filed charges with the National Labor Relations Board protesting the Postal Service’s failure to bargain over the impact of the security breach. We are demanding information from the USPS about the extent of the breach – both known and suspected – and what postal management knew, when they knew it, and what they did, or failed to do to protect employee information. APWU files Labor charges against USPS over lack of info on security breach
“Furthermore, the Committee understands the Postal Service has known about this attack since September and presented this information to Congress several weeks ago, but did so as a classified matter. The Committee will also be seeking information about why the Administration waited two months before making the news of this attack public and preventing victims from taking proactive measures to secure their own information. We have not been told why the agency no longer considers the information classified.” Congressmen want answers on why USPS waited two months to tell victims of data breach
In his letter today, Elijah Cummings requested information about the scope of the cyber-attack, including the types of data breached, the number of employees and customers potentially affected, findings about vulnerabilities to computer systems, and data protection improvement measures taken since discovering the breach.Another Congressman requests more info from USPS on cyber attack
- Video: Postmaster General’s message to employees regarding the cyber incident
- For employees:USPS Q & A on cyber intrusion and employee data compromise November 10, 2014
- For customers: USPS Q & A on cyber intrusion,employee data compromise, if customers are affected data November 10, 2014
- USPS Statement on Cyber Intrusion Incident November 10, 2014