Rep. Adam Schiff called this cyberattack "among the most shocking because Americans may expect that federal computer networks are maintained with state of the art defenses." OPM's computers are protected by the Department of Homeland Security's intrusion detection system called EINSTEIN, just like every other federal agency's. In fact, EINSTEIN -- which monitors all federal internet traffic to identify unauthorized access -- was the one that detected malicious activities in OPM's system back in April. Unfortunately, it wasn't that effective in this situation: the DHS concluded in early May that the agency's data was already compromised by the time the breach was discovered. It's still unclear why EINSTEIN failed to identity the cyberattack much earlier.

Homeland Security is now working with OPM to determine how the attack was carried out, putting the FBI in charge of the investigation. "DHS is continuing to monitor federal networks for any suspicious activity and is working aggressively with the affected agencies to conduct investigative analysis to assess the extent of this alleged intrusion," the agency said in a statement. OPM itself will be busy sending notices to the 4 million people affected from June 8th to June 19th, offering them credit monitoring and identity theft protection services. It has also published detailed instructions on how the victims can protect themselves from identity theft.