Washington – Sen. Chris Murphy’s disclosure that he is a victim of the massive hacking of personal data from the U.S. Office of Personnel Management was the third by a member of Congress and an indication that lawmakers, whose employment records are usually kept in the House and Senate, were not immune to the massive cyberattack.
Besides Murphy, Sens. John Boozeman, R-Ark., and Steve Daines, R-Mont., received letters from the the U.S. Office of Personnel Management in recent weeks saying their personal identifying information, such as dates of birth and Social Security numbers, may have been compromised.
One thing that all three senators have in common is that they moved from the U.S. House of Representatives to the Senate in recent years.
OPM spokesman Mark Jacobson said he could not say immediately why certain members of Congress had been compromised.
Murphy disclosed Thursday that his personal information was compromised during a CNN interview on the OPM hacking.
“I got a letter telling me that my information was stolen, so this is personally important to me…” Murphy said.
When a member leaves the House or Senate, information about their employment is sent to OPM to process their pensions.
But for now, only senators who have previously served in the House say their records have compromise.
On Friday, OPM Director Katherine Archuleta became the latest victim of the cyberattack on the agency. She resigned amid congressional outrage about a new revelation that an additional 21 million current and former federal workers, job applicants and contractors have had their personal information stolen, possibly by Chinese intelligence.
“I conveyed to the president that I believe it is best for me to step aside and allow new leadership that will enable the agency to move beyond the current challenges and allow the employees at OPM to continue their important work,” Archuleta said in a statement.
OPM in June revealed that 4.2 million personnel records had been stolen in cyberattacks.
Murphy and his senate colleagues were victims of that first attack.
Jacobson said health, financial, payroll or retirement records “had not been impacted,” but other information, including Social Security numbers, was stolen.
The White House confirmed this week that the breach was actually much more extensive and involved more than 21 million Social Security numbers from everyone that had completed a federal background investigation form since 2000, a theft that officials say could be used for blackmail or counterintelligence.
OPM officials said this week that the perpetrators, who still have not been identified, accessed the OPM networks through a contractor’s compromised username and password.
Murphy said the cyber attacks were “scaled versions of espionage,” that “went beyond the line” in what nation’s do to collect information on each other.
He also he expected the United State to react through a “proportional” and “clandestine” response.