When a foreign power as early as 2013 first hacked the Office of Personnel Management and retrieved IT manuals for its network, swept up in the heist were the usernames and the last four digits of the Social Security numbers of certain system users.
That detail was not disclosed to lawmakers until Thursday.
Federal officials had always maintained the attackers — who would go on to nab 21.5 million background check records last year — never obtained personally identifiable information during the first breach.
The varying descriptions of exactly what was compromised during the multiyear, alleged Chinese hacking operation came into focus during a Thursday House hearing.
Lawmakers wanted answers from OPM and other agencies for why congressional requests for executive branch information have gone unfulfilled. One request, spelled out in an Aug. 18, 2015, letter, asked for all the guides, directories and manuals the OPM attackers copied during the initial hack.
This summer, OPM Chief Information Officer Donna Seymour told lawmakers the guides describing OPM IT assets stolen in the earlier incident “would give you enough information that you could learn about the platform, the infrastructure of our system,” but added that many of them were commercially available and outdated.
The earliest known malicious activity on OPM networks disclosed by government officials dates back to November 2013, federal officials testified this summer. The final, massive hack of personnel records began in the fall of 2014 and was detected April 2015.
On Thursday, Jason Levine, OPM’s director of congressional, legislative and intergovernmental affairs, told the Oversight and Government Reform Committee: “You have…