White House cyberattack confirmed by National Security Council

An attack by hackers on a White House computer network earlier this month was considered so sensitive that only a small group of senior congressional leaders were initially notified about it, U.S. officials said on Thursday.

The officials said the Democratic and Republican leaders of the Senate and the House of Representatives and the heads of the Senate and House Intelligence Committees, collectively known as the "Gang of Eight," were told last week of the cyberattack, which had occurred several days earlier.

Security experts said this limited group would normally be informed about ultra-secret intelligence operations and notifying them of a computer breach in this way was unusual.

Bernadette Meehan, a spokeswoman for the National Security Council, said, "Consistent with sensitive intelligence matters, the director of the FBI notified congressional leadership and the chairs and ranking members of the intelligence committees."

On Tuesday a White house official, speaking on condition of anonymity, said there had been a cyberattack on what was described as an unclassified computer network used by employees of the Executive Office of the President.

• China accused of hacking into Pentagon contractor networks
• JP Morgan investigated possible cyberattack by Russian hackers
• Chinese cyberattack hits Canada's National Research Council

The Washington Post earlier this week suggested hackers working for the Russian government may have been behind the attack. U.S. officials declined to say who was suspected, and some suggested many governments were capable of carrying it out.

StevenAftergood, an expert on government secrecy with the Federation of American Scientists, said "Gang of Eight" notifications were typically used to keep Congress informed of sensitive "covert actions" by agencies such as the CIA.

"Why would they limit the disclosure in this way? It might be a sign that they had not yet evaluated the breach and were uncertain about its sensitively or whether it was part of a larger (hacking) operation,"Aftergoodsaid.

An aide to Representative DutchRuppersberger, ranking Democrat on the House Intelligence Committee, saidRuppersbergerwas notified about the White House attack via telephone over a secure line.

He talked directly with FBI Director JamesComeyand White House Chief of Staff DenisMcDonough, the aide said.

The fact that the FBI director was involved in the notification may signal that a sensitive law enforcement investigation into the breach is in progress, another U.S. official said.

Full congressional committees with responsibility forcybersecurity issues, including the Intelligence and Homeland Security Committees of both chambers, were not notified by the FBI or White House about the attack, congressional aides said.

As a result of the attack, White House officials were asked to change their passwords and users faced temporary outages as the White House undertook defensive measures.