Report: Census hit by cyberattack, US count unaffected

Mike Schneider
Associated Press

U.S. Census Bureau computer servers uninvolved with the 2020 census were exploited last year during a cybersecurity attack, but hackers' attempts to keep access to the system were unsuccessful, according to a watchdog report released Wednesday.

The attack took place in January 2020 on the bureau's remote access servers.

According to the Office of Inspector General, the Census Bureau missed opportunities to limit its vulnerability to the attack and didn't discover and report the attack in a timely manner. The statistical agency also failed to keep sufficient system logs, which hindered the investigation, and was using operating system no longer supported by the vendor, the watchdog report said.

The bureau's firewalls stopped the attacker's attempts to maintain access to the system through a backdoor, but unauthorized changes were still made, including the creation of user accounts, the report said.

In a written response, acting Census Bureau director Ron Jarmin reiterated that none of the systems used for the 2020 census were compromised, nor was the nation's once-a-decade head count affected in any way.

“Furthermore, no systems or data maintained and managed by the Census Bureau on behalf of the public were compromised, manipulated or lost ..." Jarmin wrote.