The US Office of Inspector General, earlier this week, issued a report disclosing that the computer servers used by the US Census Bureau were exploited last year during a cybersecurity attack, but reassured that the hack did not compromise the 2020 census. According to the report, hackers gained access to the servers in January 2020, but were unable to retain access to the systems and the security vulnerability was plugged.
Notwithstanding the Census Bureau’s ability to retain control of its servers, the report highlights a number of missteps by the Bureau in its cybersecurity preparedness. Specifically, the report notes that the Bureau failed to keep sufficient system logs, was using an operating system no longer supported by the vendor, and otherwise failed to implement generally accepted measures to limit its vulnerability to the attack.
In response to the report, acting Census Bureau Director Ron Jarmin issued a response that reiterated that none of the systems used for the 2020 census were compromised nor was the census count itself.
Abstracts and a full copy of the Inspector General’s report can be found here.