Cummings Seeks Briefings and Documents on Troubling Increase in Cyber-Attacks

Nov 12, 2014
Press Release

Washington, D.C. (Nov. 12, 2014)—In the wake of the increasing number and scope of cyber-attacks against U.S. companies and government agencies over the past year—and in light of press reports suggesting that many of these cyber-attacks originate from overseas—Rep. Elijah E. Cummings, Ranking Member of the House Committee on Oversight and Government Reform, sent letters today to the Chief Executive Officers of Home Depot, Target, Kmart, Community Health Systems, and the parent companies of USIS seeking detailed briefings from their chief IT officers and requesting information about recent attacks against their companies.

“The increasing number of cyber-attacks and data breaches is unprecedented and poses a clear and present danger to our nation’s economic security,” Cummings wrote.  “Each successive cyber-attack and data breach not only results in hefty costs and liabilities for businesses, but exposes consumers to identity theft and other fraud, as well as a host of other cyber-crimes.  Your ability to protect consumers and safeguard their personal information is central to earning and maintaining consumer confidence.”

Press accounts have reported on a recent wave of cyber-attacks against U.S. interests originating from overseas, including from China and Russia.

“The increased frequency and sophistication of cyber-attacks on both public and private entities highlights the need for greater collaboration to improve data security,” Cummings wrote.  “Your company’s knowledge, information, and experience with this recent data breach will be helpful as Congress examines federal cybersecurity laws and any necessary improvements to protect sensitive consumer and government financial information.”

Cummings sent a similar letter on Monday regarding a cyber-attack at the U.S. Postal Service.

Over the past year, Cummings has pressed repeatedly for enhanced oversight of cyber-security measures in both the private and public sector, including hearings on Home Depot, Target, Community Health Systems, and USIS.  To date, however, no Committee hearings have been held.

In his letters today, Cummings requested information about the scope of these cyber-attacks, including the types of data breached and those suspected to have caused the breach, the number of customers potentially affected, findings about vulnerabilities to computer systems, and data protection improvement measures taken since discovering the breach.

Letters to the five companies are linked below.

Home Depot
Community Health Systems
Providence Equity Partners/Altegrity (USIS Parent Companies)

113th Congress