COMMITTEES:

RD WY 
OREGON COMMITTEE ON FINANCE
COMMITTEE ON BUDGET
CHAIRMAN OF ON a COMMITTEE ON ENERGY NATURAL RESOURCES
FINANCE   SELECT COMMITTEE ON INTELLJGENCE

WASHINGTON, DC 20510?3703 JOINT COMMWEEON 

221 DIRKSEN SENATE OFFICE BUILDING

WASHINGTON. DC 20510

August 12, 2015

(202) 224?5244

911 NE 11TH AVENUE

SUITE 630

PORTLAND, OR 97232
(503) 326?7525

Director William Evanina

National Counterintelligence Executive

National Counterintelligence and Security Center
Of?ce of the Director of National Intelligence
Washington, DC 20511

Dear Director Evanina:

The National Counterintelligence and Security Center (NCSC) is tasked with a very important
mission, which includes defending the nation?s classi?ed information and assets from
exploitation by foreign adversaries. The importance of this mission has recently been
underscored by compromises of sensitive US government personnel data.

In April 2015, the Of?ce of Personnel Management (0PM) announced that that it had been the
target in the ?rst of two security incidents. The ?rst security incident affected 4.2 million current
federal employees and included personal information such as names, birth dates, home addresses
and Social Security numbers. In June 2015, OPM announced a second security incident
affecting 21.5 million individuals?including current, former, and prospective employees and
their relatives and associates?had compromised sensitive background investigation information
and, in some cases, ?ngerprints. This information could clearly be of signi?cant value to foreign

intelligence services.

There appear to have been signi?cant warning signals regarding the security of networks,
including a report from the OPM Inspector General that speci?cally noted weaknesses in two of
systems that support suitability and security clearance determinations.

The fact that such sensitive information was not adequately protected raises real questions about
how well the government can protect personnel information in the future, especially as the
security clearance process moves toward conducting ongoing evaluations and incorporating
publicly available electronic information.

I would like to know what actions the NCSC took prior to these OPM security incidents and
what the NCSC will be doing to prepare for future attacks that will similarly target personnel and
background investigation information. Speci?cally, I ask that you answer the following
questions:

1. Did the NCSC identify security clearance database as a counterintelligence
vulnerability prior to these security incidents?

2. Did the NCSC provide 0PM with any recommendations about how to secure this
information?

3. At least one of?cial has said that the background investigation information compromised

1n the second 0PM hack 1ncluded 1nformat10n on 1nd1v1duals as far back at 1985. Has the
405 EAST 8TH AVE SAC ANNEX BUILDING S. COURTHOUSE THE JAMISON BUILDING
SUITE 2020 105 FIR ST 310 WEST 6TH ST 131 NW HAWTHORNE AVE
EUGENE, OR 97401 SUITE 201 ROOM 118 SUITE 107
(541) 43170229 LA GRANDE, OR 97850 MEDFORD, OR 97501 BEND, OR 97701
(541) 962?7691 (541) 858?5122 (541) 330?9142


PRINTED 0N RECYCLED PAPER

707 13TH 51?, SE
SUITE 285
SAIJEM, OR 97301
(503) 589?4555

NCSC evaluated whether the retention requirements for background investigation
information should be reduced to mitigate the vulnerability of maintaining personal
information for a signi?cant period of time? If not, please explain why existing retention
periods are necessary.

Strong cyberseeurity protections are obviously an essential part of effective counterintelligence,
and thoughtful risk management is the best way to ensure both. I appreciate your attention to
this important matter, and I look forward to your response.

Sincerely,

tmwvir?m

Ron Wyden
United States Senator