The attack on the bureau’s remote access servers took place in January 2020. The Census Bureau, according to the Office of Inspector General, missed opportunities to restrict its vulnerability to the attack and failed to detect and disclose the attack in a timely manner. According to the watchdog report, the statistical agency also failed to retain enough system logs, which hampered the inquiry, and was running an operating system that was no longer supported by the manufacturer. The bureau’s firewalls prohibited the attacker from using a backdoor to gain access to the system, but illegal changes were performed, including the creation of user accounts, according to the study. Acting Census Bureau director Ron Jarmin repeated in a written answer that none of the systems used for the 2020 census had been compromised, and that the nation’s once-in-a-decade head count had not been harmed in any way. “Furthermore, no systems or data maintained and administered on behalf of the public by the Census Bureau were compromised, altered, or lost…” Jarmin penned an essay.
