One of the longstanding mysteries about a hack that exposed profiles of 21.5 million national security personnel and their relatives appears to be solved.
Contractor CyTech did not, despite claims by company CEO Ben Cotton, discover the attack during a product demonstration April 21, 2015, a top House Democrat says.
Brendan Saulsbury, an OPM contract engineer, and other OPM staff say they detected malicious activity behind the intrusion five or six days earlier, using a tool developed by a separate vendor, Cylance.
CyTech confirmed the government’s findings a week later, a House Oversight and Government Reform Committee investigation has found.
Rep. Elijah Cummings, D-Md., ranking committee Democrat, disclosed these details in a May 26 letter to the House intelligence committee.
Former OPM Director Katherine Archuleta and former OPM Chief Information Officer Donna Seymour testified last summer that OPM successfully found the intrusion — believed by U.S. intelligence officials to be a Chinese spy operation.
The full committee has been investigating this he-said-she-said controversy since last July, compelling the government and contractors to produce thousands of pages of documents and conducting interviews with all parties involved.
Oversight Chairman Rep. Jason Chaffetz, R-Utah, held a January hearing to question an OPM official about the holdup and excessive redactions in documents it received involving CyTech. The Republicans on the oversight committee did not sign Thursday’s letter.
CyTech “didn’t detect anything that we didn’t already know about,” Saulsbury told congressional investigators Feb. 17, the letter states.
Malware that Saulsbury detected was disguised as McAfee antivirus files to fly under…