mr. chairman. ms. seymour: does the exposure extend only to those who filled out form 86 or others as well? ms. archuleta: well, ma'am, apparently -- mr. palmer: well, ma' am, i have employees whose personal information may have been compromised. does it extend to people that filled out an fs- 6. ms. seymour: you were talking about fs-86's sir. mr. palmer: i asked you did the exposure extend beyond those who filled out fs-86, and you said the investigation was ongoing. apparently you have investigated enough to send a letter to employees who didn't fill out those forms. thank you for your "yes" answer. is there -- in your judgment, ms. archuleta how likely is it that the hackers were able to access these personal files through an employee account? ms. archuleta: sir, we will be able to discuss that with you in a classified setting. mr. palmer: are you familiar with "the wall street journal" article that indicated that it was possible that the breach occurred through personal e-mail accounts because employees w

mrs. seymour, you are in charge of overall of this? to do you feel you have the skill set to oversee something of this magnitude? >> i don't ever think i have the skill set to do something this large that is why i employ people who have of broader or different skill said stanley in various areas. i don't have all the technical skills i would need it takes a team. >> okay. in your past positions have you overseen? what are those largest projects? >> i have overseen very large projects those said my past employment with department of defense as well department of transportation and systems that were enterprise wide for a large population like opm. >> size why is? >> how could they complete the projects? >> how some of them are much faster than others some of them are delivered within when your son took multiple years and the way that we are changing the way we deliver solutions we try to find a viable product of the capability to deliver within six months segments. >> how quickly can you complete the trend? >> when restarted the project

mrs. seymour. you know any of the management of cinside. >> not that i'm aware of. >> do you have any knowledge about the management of csaid? >> not that i'm aware of. i got key personnel resumes in the proposal. >> did anyone discuss with you any knowledge about the ceo, scott kruitchank. >> no sir. >> hosam bengasam. >> no, only four directors. the last one is owen lee. i asked you about him earlier. >> no, sir, i have no recollection of him. >> you know, you've let a contract in a very sensitive area. i mean this literally impacts millions of people. it impacts their -- potentially impacts their financial well-being, their careers, yet it appears you didn't do the most basic research into the company that you've contracted this with. if you had, i think you might have discovered that mr. lee is under investigation by the democrat of justice and securities exchange council -- commission, i mean. they're looking into his management of a group called carnesi, which in nine months he lost 99.97% of

mrs. seymour.do you know any of the management of cinside. >> not that i'm aware of. >> do you have any knowledge about the management of csaid? >> not that i'm aware of. i got key personnel resumes in the proposal. >> did anyone discuss with you any knowledge about the ceo, scott kruitchank. >> no sir. >> hosam bengasam. >> no, only four directors. the last one is owen lee. i asked you about him earlier. >> no, sir, i have no recollection of him. >> you know, you've let a contract in a very sensitive area. i mean this literally impacts millions of people. it impacts their -- potentially impacts their financial well-being, their careers, yet it appears you didn't do the most basic research into the company that you've contracted this with. if you had, i think you might have discovered that mr. lee is under investigation by the democrat of justice and securities exchange council -- commission, i mean. they're looking into his management of a group called carnesi, which in nine months he lost 99.97%

mr. chairman. miss seymour, this data breach is particularly concerning, because the individuals who were targeted are government employees and the suspected attackers are foreign entities. i'm concerned that this breach may pose a national security threat. according to a statement from opm, the personal information of approximately four million current and former federal employees was compromised in this breach. what can you tell us about the type of personal information that was compromised in this breach? >> thank you for the question sir. the type of information involved in the personnel records breach includes typical information about job assignments, some performance ratings not evaluations, but performance ratings, as well as training records for our personnel. the information involved in the background investigations incident involves sf-86 data as well as clearance adjudication information. >> so, social security numbers? >> yes, sir. social security number, date of birth, place of birth, typical pii,

mr. meadows. >> ms. seymourlet me come to you because there seems to be some conflicting information before this committee. on april the 22nd you indicated it was the adversary's modern technology and the opm's antiquated system that helped thwart in your words, thwart hackers at the first opm attack. is that correct? >> yes, sir. >> last week you testified repeatedly that it was the opm's antiquated systems that were the problem and the chief reason that the system was not secure and didn't do just the basic cybersecurity measures of incryption and network protection. so i guess my question to you ms. seymour which is it? is it the fact the old system helped you or the old system hurt you? those are two conflicting pieces of testimony. >> i don't believe they are conflicting, sir. in the first incident the old technology thwarted the actor because they did not know what they were doing in that environment. why immediately put in place a plan to provide better -- >> so you caught them immediately? >> no we immed

mr. palmer spectrum when. ms. seymour, does the exposure include others or does it include those of fellow other former 86? >> our investigation is ongoing. >> apparently it does because i had to employees who never fill out a standard form 86 and i have a letter from you informing them of the possibility of their dated may been compromised. i will ask you again and this is a yes or no does it extend beyond the people who filled out an sf-86? >> my answer to that is yes, sir. there are two incidents we've come here to talk to you about today. >> why didn't you answer yes? >> your doctor sf-86. >> i made it clear to do the exposure extend beyond those who filled out sf-86 and you said the investigation was ongoing it apparently you've invested enough to send a letter to employees who didn't fill out the forms. thank you for your just answer. -- yes answer. in your judgment ms. archuleta, how likely is it that the hackers were able to access these personnel files to an employee account? >> sir, we will be able to discuss th

mr. chairman. ms. seymour let me come to you because there seems to be some conflicting information before this committee. on april the 22nd, you indicated it was the adversary's modern technology and the opm's antiquated system that helped thwart, in your words, thwart hackers at the first opm attack. is that correct? >> yes, sir. >> last week you testified repeatedly that it was the opm's antiquated systems that were the problem and the chief reason that the system was not secure and didn't do just the basic cybersecurity measures of incryption and network protection. so i guess my question to you, ms. seymour, which is it? is it the fact the old system helped you or the old system hurt you? those are two conflicting pieces of testimony. >> i don't believe they are conflicting, sir. in the first incident the old technology thwarted the actor because they did not know what they were doing in that environment. we immediately put in place a plan to provide better -- >> so you caught them immediately? >> no, we

mr. turner for five minutes. >> miss choout and miss seymour, i just want to remind you that you are under oath and i have a series of questions that follow on to carolyn maloney's questions. it was reports in the wall street that a company named site teches that related they were involved in discovering

and since donna seymour came in as cio and because of our experience -- and as mr. spires says, the good talents and experience we have in government, we brought her from d.o.d. and d.o.t. he was able to apply those skills and that talent to identify what our strategic steps are and thou develop them. first the thing we needed to look at is what could we place on that legacy system and that's where she began and continue to do throughout her teen your. >> your point is, from your arrival your priority was to get a cio and begin implementation of a plan? >> i will tell you senator, that from the first time i was briefed on our i.t. infrastructure during my confirmation prep, preparation, i knew that there was a problem. and that is why in my confirmation hearing i said it would be a top priority and i promised my -- your colleagues that i would develop an i.t. strategic plan, which i did, and produced within the first 100 days. i was also wise enough to hire donna seymour. >> the i.t. strategic plan that you mentioned, is that something we can see? absolutely. it's o

mrs. seymour -- no come on you are the head of the agency and i want to ask you how many heads are at play here. >> i will get back to you -- >> no, no, this is what you wrote to the appropriations chairman to the house and senate that will. you wrote as a proprietor of sensitive data including personal identify blg information for 32 million federal employees and retirees, opm has an obligation to maintain and maintain cyber controls. you wrote that in february. are you here to tell me that information is all safe or is it potentially 32 million records that are at play here? >> as i mentioned to you earlier in my testimony mr. chairman, we are reviewing the number and the scope of the breach and the impact -- >> so it could be as high as 32 million? is that right? >> i mentioned to you, i will not give a number that is not completely accurate and as i mentioned in my testimony -- >> i am asking you for a range. we know it's a minimum of 4.2 million, but it could be as high as 32 million? >> i am not going to give you a number that i am not sure of. >> when they fill out the sf86, that wo

mr. hurd: how much overtime have you signed off on? ms. seymour: my cio team works 20 47. -- 24/7. >> i am very proud of the employees working on this issue. mr. hurd: you have inherited a mess. we are looking to you to ensure things like this do not happen. to make sure agencies are implementing recommendations of the ig, the gao. we will continue to drag people up here and answer these questions. that is our responsibility. i recognize that, you are not going to stop everybody from penetrating your network. how quickly can you identify them and kick them off? those are metrics we should be using. we are woefully and adequate i yield back time. >> thank you, mr. chairman. ms. archuleta:, you said, we have confirmed that any employee from across branches of service may have been compromised, even if there personnel file was not stored. what do you mean by service history? ms. archuleta: their careers they may have been in a different position earlier than perhaps -- as they move around government. it may be someone whose current job would not be a

mr. chairman. ms. seymour, does the employee exposure extend to only those that filled out standard form 806 or others as well. >> our investigation is ongoing, sir. >> ma'am apparent lit it does because vi two employees who have never filled out a standard form 86 and they have a letter from you informing them of the possibility that their data may have been compromised. i'll ask you again, and it's a yes or no. does it extend beyond the people who filled out an sf 86? >> my answer to that is yes, sir. there are two incidents we've come here to talk to you about today. >> why didn't you answer yes to start with? >> you were talking about sf 86s sir. >> i made it clear i asked you did the exposure extend beyond those who filled out sf 86. and you said the investigation was ongoing. apparently you've investigated enough to send a letter to employees who didn't fill out those forms. so thank you for your yes answer. is there -- in your judgment, ms. archuleta, how likely is it that the hackers were able to acces

seymour: thank you, mr. cummings, for the question. a lot of our systems are aged and implementing some of these tools takes time and some of them we cannot even implement in our current environment. that is why under director archuleta's leadership, we have launched a new program where we are building a new environment, a new architecture, a modern architecture that allows us to implement additional security features. we have in our legacy environment, we have installed numerous technologies. that is how we discovered this breach in the first place. we are shoring up what we have today and are building up for the future so we can become more secure and provide these types of protections to our data and systems. rep. cummings: in the meantime, we're going to collect and store personal information, we must make it unusable to oured a versares. would you agree? o.p.m. as well as american businesses do a better job of protecting sensitive information, would you agree, ma'am? ms. seymour: yes, sir. rep. cummings: do you have the tools to d

mr. jeanetta. >> perhaps ms. seymour would know, we will get the information back to you. >> do you know if it was immediately? >> i would expect that it was immediate. >> let's find out, ms. seymour do you know? >> no, sir, i don't, i don't think that we -- i certainly don't think we immediately notified our contractors of a breach to our network. lou: joining us, the man you just saw in that clip, congressman trey gowdy. the chairman of the benghazi select committee. a member of the house oversight and judiciary committees. mr. chairman, start by saying thanks for being with us. >> yes, sir. lou: and secondly, there is a decided impression given off by those who represent this administration that they don't know much and don't want to speak substantively about many things, is that a fair observation? >> certainly narrows your witness list if you only can bring witnesses who can answer your questions, i was a little disappointed. you know jason chaffetz spends a lot of time finding witnesses that can add to deliberation

mr. esser? >> i agree with what the other witnesses stated. and as miss seymour just said, we do go out and do audits of contractors, background investigation companies as well. so we can be used and see ourselves in that role. >> mr. chairman, i thank you for your indulgence. and i want to note that usis was invited here today -- >> i appreciate. you're almost 3 minutes over time. we have classified that we have to go to and members with questions. >> yield back. >> i now recognize mr. russell from oklahoma for five minutes. >> thank you, mr. chairman. i'm baffled by all of this. upon receipt -- or upon your appointment of directorship of opm, director archuleta stated she wanted to build an inclusive work force and who would have thought that included our enemies. in testimony today we heard statements that we did not encrypt because we thought they might be able to decrypt or decipher. that is just baffling to me. there was another statement i heard earlier today that said had we not established the systems we would never have known about the breech. that is t

mr. chairman. miss seymour, let me come to you, because there seems to be some conflicting information before this committee on april the 22nd you had indicated that it was the adversaries modern technology and the opm's antiquated system that helped thwart in your words, thwart hackers at the first opm attack, is that correct? >> yes, sir. >> okay. last week you testified repeatedly that it was the opm's antiquated systems that were the problem and the chief reason that the system was not secure and you didn't do just the basic cyber security measures of in corruption and network protection and so i guess my question to you miss seymour, which is it? is it the fact that the old system helped you or the old system hurt you? those are two conflicting pieces of testimony? >> i don't believe that they are conflicting sir. in the first incident, the old technology thwarted the actor because they didn't know what they were doing in that environment. we immediately put in place a plan to provide. >> so you caught the

mr. jeanetta. >> i would have to get that information back to you. perhaps ms. seymournow. >> reporter: do you know if it was immediately? >> i would expect that it was immediate. >> let's find out. ms. seymour do you know? >> no, sir, i don't. i certainly don't think we immediately notified our contractors of a breach to our network. lou: joining us now, the man you just saw in the clip, congressman trey gowdy, the chairman of the benghazi select committee. a member of the house oversight and judiciary committees. thank you for joining us. >> yes, sir. lou: secondly, there is a decided impression given off by those who represent this administration that they don't know much and they don't want to speak substantively about very many things. is that a fair observation? >> well, it certainly narrows your witness list if you can only bring witnesses who answer your questions. i was disappointed. jason chaffetz finds witnesses who can add to our deliberations and inquiry, and he missed out on a couple today. that's not his fault. if you can't ask the head of the agency what

sense donna seymour came in as cio because of her experience and as mr.spires said, we brought her from dod to apply those skills and that talent. what could be place on that legacy system? what would it take to do that? that is where she has began and what she continues to do throughout her tenure. senator moran: your point is not necessarily following the three breaches that we just talked about but from your arrival, your priority was to get a cio and begin implementation of a plan? director archuleta: i will tell you, senator that from the first time i was briefed on our i.t. infrastructure german during my confirmation preparation, i knew that there was a problem. and that is why my confirmation hearing, i said it would be a top priority, and i promised your colleagues that i would develop an i.t. strategic plan, which i did. and produce within the first 100 days. i was wise enough to hire donna seymour. senator moran: the i.t. strategic plan that you just mentioned is that something we , could see? director archuleta: absolutely. it is on our websit

donna seymour, from the united states office of personnel management and mr.ael esser, assistant inspector general for audits office of the inspector general at the united states office of personnel management. we welcome you all. pursuant to committee rule, all witnesses will be sworn before they testify. if you will please rise and raise your right hand. do you solemnly swear or affirm that the testimony you are about to give will be the truth, the whole truth and nothing but the truth. thank you. please be seated. let the record reflect that all witnesses answered in the affirmative. in order to allow time for discussion, we would aappreciate you limiting your testimony to five minutes. we will -- again please limit your comments to five minutes. i'll be a little bit generous but five minutes if you could and then your entire written statement will be entered into the record. at the conclusion of those we'll hear from mr. cummings and go to questions from there. with that, we'll recognize miss archuleta, the director of the office of personnel management an

mr. t can teach us about the stocks. "mad money" is next. 3w4r. >>> time for the final trade. around the horn we go. tim seymourchael kors on that huge fall. i think the company is not broken. but i took some profits yesterday. and i think it's a decent time. i think the stock's going to have trouble moving much from this legend. >> john deere up year to date. take profits here. >> 386 is your badge number. >> now i get it. >> beakers. >> tomorrow morning we have retail sales. very, very important number. the bond market yields have been spiking. you get a hot retail sales number you buy tbt. i'm short 30 years. but you can do tbt. >> guy adami. >> fun show. >> fun, fun, fun. >> good times. >> remember michael burns, good-looking man, we said if lionsgate recaptures $32 level price is secondary off to the races. what happened? tim seymour bought the stock. look at it today breaking out. lgf. that will get you done. hi, michael. he watches, by the way. >> i know he does. hi, michael. i'm melissa lee. thanks for watching. see you back here tomorrow at 5:00 for more >>> my mission is simple -- to make you money. i

seymour, chief information officer of the office of personnel management ms. anne baron -- help me here decamilo, emergency readiness team at the united states department of homeland security. mr. eric hess is the chief executive officer of key point government solutions and mr. rob giannetta is the chief information officer at usis. all witnesses are to be sworn before they testify. so if you will please all rise and raise your right hand. do you solemnly swear or affirm that the testimony you're about to give will be the truth, the whole truth and nothing but the truth? thank you. let the record reflect that all witnesses answered in the affirmative. in order to allow time for discussion, please limit your verbal testimony to five minutes and obviously your entire written statement will be made part of the record. we will start first with the director of the office of personnel management ms. archuleta first. you're now recognized for five minutes. >> chairman ranking member cummings and members of the committee, thank you for the opportunity to testify before you again today. i understand and i share the concerns and the frustration of federal employees and those affected b