Cummings Requests Information on Recent Data Breach at KeyPoint

Jan 6, 2015
Press Release
Personal Information of More Than 40,000 Federal Workers May Have Been Compromised

Washington, D.C.—Today, Rep. Elijah E. Cummings, Ranking Member of the House Committee on Oversight and Government Reform, sent a letter to the CEO of KeyPoint Government Solutions, Inc., one of the largest providers of background investigation services for the federal government, requesting documents and a briefing from the Chief IT Security Officer regarding a major data breach.

“As a leading provider of background check services for the federal government, it is imperative that KeyPoint’s systems have sufficient controls in place to properly safeguard the highly sensitive data it collects on federal employees through the course of its work,” Cummings wrote.  “The increasing number and apparent sophistication of cyber attacks against companies tasked with conducting background checks for the U.S. government poses a clear and present danger to our nation’s security.”

Cummings expressed particular concern because this breach appears similar to an earlier breach at USIS, another government contractor that also conducted background checks for the federal government until last year.  The USIS breach reportedly compromised the personally identifiable information of at least 25,000 federal employees.

In today’s letter, Cummings requested information about the scope of the breach at KeyPoint, including the number of federal employees potentially affected, the identity of the suspected hackers, findings about vulnerabilities to the company’s systems, and improvement measures taken since discovering the breach.

Over the past year, Cummings has pressed repeatedly for enhanced oversight of cyber-security measures in both the private and public sector, including at Home Depot, Target, Kmart, Community Health Systems, USIS, U.S. Postal Service, State Department, JPMorgan Chase, and other financial institutions.

114th Congress