Story highlights National Counter Intelligence Executive William Evanina wrote a letter to Sen. Ron Wyden answering the Oregon Democrat's questions

U.S. officials have blamed the Chinese government for the attack, saying it amounted to a treasure trove of counterintelligence information

Washington (CNN) A top national intelligence official says the intelligence community had no responsibility to warn the Office of Personnel Management about vulnerabilities that led to the massive hack of more than 21 million sensitive federal employee records -- despite the incident now being a significant national security risk.

National Counterintelligence Executive William Evanina wrote a letter to Sen. Ron Wyden answering the Oregon Democrat's questions about the landmark cyberattack, which has been blamed on the Chinese.

In the response to Wyden's question of whether the intelligence community assessed the vulnerabilities of a database OPM maintained of highly sensitive background check information that OPM maintained or whether it offered any advice to OPM, Evanina pointed to bureaucracy.

"Executive branch oversight of agency information security policies and practices rests with the Office of Management and Budget (OMB) and the Department of Homeland Security (DHS)," Evanina wrote. "The statutory authorities of the National Counterintelligence Executive ... do not include either identifying information technology (IT) vulnerabilities to agencies or providing recommendations to them on how to secure their IT systems."

In the short letter, Evanina also defended the decision to maintain a database of the background checks going back as far as 1985, saying it offers the advantage of being able to "assess the 'whole person' over a long period of time."

Read More