A House oversight committee demanded answers Monday about a suspected cyberattack that has shut down the State Department’s unclassified email system.
In a letter to Secretary of State John Kerry, Democratic lawmakers on the House Government Oversight Committee requested details about the data breach – including when it was first discovered.
The letter from Rep. Elijah Cummings (D-MD) also asked what steps the State Department has taken to protect its information systems since the attack.
The email system was still down Monday – a day after the department disabled it over a breach that was discovered several weeks ago that appeared to target the White House. There was no indication then that the State Department had been affected. But State Department spokesman Jeff Rathke said two breaches now appear to be linked.
He said the State Department is still investigating who – or what – launched the attack.
“I don’t have anything to share at this point on the origins of the intrusion,” he told reporters.
But the incident unnerved lawmakers, who said Congress needs to better protect government technology systems.
“Criminals, hacktivists and nation states are attacking our government networks at an alarming rate,” House Homeland Security Chairman Michael McCaul (R-TX) said in a statement. “If a larger attack occurs, it’s going to be on Congress for not acting.”
McCaul said the number of reported data breaches on federal government computer systems nearly doubled – from nearly 27,000 to more than 46,000 – between 2009 and 2013, according to the U.S. Computer Emergency Readiness Team, which is a part of the Homeland Security Department.
Rathke said the attack only hit unclassified email systems at the State Department – and not business databases that contain information about Americans or, for example, foreign visa applicants.
Although the temporary shutdown was previously scheduled, “in this case, the response to this specific incident needed to be more comprehensive than our regular updates,” Rathke said.