Florida Sen. Marco Rubio demanded on Thursday that the Obama administration "immediately" release all information about the massive hack that has affected roughly 4.2 million current and former government branch workers.
The Republican presidential hopeful made his comments only hours after it was revealed that the White House waited roughly four weeks before telling the public that hackers had stolen the personal information.
"All details that can be shared with the public, and especially those affected, should be released immediately to halt the slow, trickle of bad news that keeps coming from this attack," Rubio said in a statement.
A White House official, who was not authorized to speak publicly about the break-in, justified the delay saying it was needed to identify what information was exposed and how many people were affected, and ensure that a public announcement wouldn't interfere with the investigation and establish a process to notify affected employees.
Weeks later, the U.S. still doesn't know exactly what information was exposed or how many people were affected, and it has not provided detailed warnings to employees whose information was compromised.
"We are working with the agencies right now to determine how many of their employees were affected," the U.S. Office of Personnel Management’s director, Katherine Archuleta, said on Capitol Hill. "We do not have that number at this time."
Rubio has also used the breach to rail against the Obama administration’s handling of its relations with China. The Obama administration is increasingly confident that China's government, not criminal hackers, was responsible for the hack.
"With its growing regional expansionism and illegitimate territorial claims in the South China Sea, its rapid military buildup in defense capabilities, its provocative activities in space and its 24-7 offensive cyber attacks against the U.S. government and private sector, it’s clear the past six and a half years of the Obama foreign policy have sent the wrong message to Beijing," Rubio said.
China has openly denied involvement in the break-in, and the U.S. has publicly provided no direct evidence proving China was responsible.
Investigators inside U.S. intelligence and law enforcement agencies, using secret "beacons" employed across the Internet, have been monitoring data transmissions across overseas networks for the file properties associated with the American personnel records, and scouring communications among targeted foreign hackers for credible references to the theft, two people directly involved in the investigation said. They spoke on condition of anonymity because parts of the case and techniques being used are classified.
The investigation is being coordinated at the little-known National Cyber Investigative Joint Task Force, which is led by the FBI and includes 19 intelligence agencies and law enforcement, including the National Security Agency, CIA, Homeland Security Department, Secret Service and U.S. Cyber Command.
Investigators also have watched underground markets where identity thieves peddle information and found no trace of the data stolen from the U.S. Office of Personnel Management, they said. In the chessboard world of espionage, they also acknowledged that by revealing what they said was indirect evidence that spying was actually the motive, it might encourage Beijing's government to sell at least some of the data surreptitiously to implicate identity thieves in what would be a counter-counterintelligence false-flag operation.
The administration acknowledged earlier this month that hackers stole the personnel files and background investigations of current and former civilian, intelligence and military employees, contractors and even job applicants. Initially, the U.S. said the stolen data included Social Security numbers, birth dates, job actions and other private information for 4.2 million workers.
Days later, it acknowledged that the cyber spies obtained detailed background information on millions of military, intelligence and other personnel who have been investigated for security clearances. That information included details about drug use, criminal convictions, mental health issues and the names and addresses of relatives and any foreigners with whom they had contact.
The Associated Press contributed to this report.