Senators want an annual report on cyberattacks affecting the governing body.
Angela Lang / CNETWhen a company is hacked, you'll likely get an email warning you that your information might have been stolen.
But when your senator is hacked, it could remain a secret forever. Two senators are hoping to change that.
Unlike companies and federal agencies, Congress has no legal obligation to disclose breaches, meaning that the public has no idea when elected officials are hit by cyberattacks. Senators are some of the most popular targets for hackers.
In 2017, then-Senate Sergeant at Arms Frank Larkin said "the Senate is considered a prime target for cybersecurity breaches" during a Senate hearing. He said that in 2016, the Senate's secure web gateway blocked more than 273 million connections to over 54,000 malicious websites targeting their internal network.
Politicians in general are frequent targets for hacks on both their professional and personal accounts. If the attacks are successful, you usually only find out about it through media reports or leaked documents.
The last time a Congressional computer breach was publicly disclosed was in 2009, when then-Florida Sen. Bill Nelson announced his personal computers were compromised.
In a letter signed by Sen. Ron Wyden, a Democrat from Oregon, and Sen. Tom Cotton, a Republican from Arkansas, the senators ask Senate Sergeant at Arms Michael Stenger to provide an annual report on the number of times Senate computers have been hacked, and incidents where hackers were able to access sensitive Senate data.
The letter also calls for Stenger to inform the Senate committees on Rules and Intelligence about any breaches within five days of discovery.
The hope is that if this information is regularly disclosed, senators would start taking their cybersecurity more seriously.
"Each US senator deserves to know and has a responsibility to know, if and how many times Senate computers have been hacked, and whether the Senate's existing cybersecurity measures are sufficient to protect both the integrity of this institution and the sensitive data with which it has been entrusted," the letter reads.
You can read the full letter here: