Leaders of the House Energy and Commerce Committee launched an investigation into a recent FDA cyber breach and requested a review of cyber security at Department of Health and Human Services agencies on Monday.
Energy and Commerce Committee Chairman Rep. Fred Upton (R-Mich.) and Committee Vice Chairwoman Rep. Marsha Blackburn (R-Tenn.) were among the legislators who signed a letter requesting documents related to the breach and that the FDA undergo a third-party security audit.
An unauthorized user breached the FDA’s online submission system on Oct. 15, according to the agency.
“…The security breach exposed details, phone numbers, email addresses and passwords of 14,000 accounts, around 5,000 of which are active,” the legislators said. “To restore public confidence in the FDA’s information security, we request that you immediately obtain a third-party audit from a qualified expert to assess and ensure the adequacy of FDA’s corrective actions taken in response to this incident.”
Lawmakers requested a response from the FDA by Dec. 23.
Upton was also among legislators who signed a letter to Comptroller General Gene Dodaro requesting that the Government Accountability Office look into information security measures in place at HHS agencies.
“HHS is responsible for almost a quarter of all federal outlays, and it administers more grant dollars than all other federal agencies combined,” the legislators said. “HHS and its component agencies also collect, process and maintain highly sensitive information including proprietary business information, medical records and personally identifiable information.”
The review would assess whether or not current security measures protect the confidentiality, integrity and availability of each agency’s records.