A spokeswoman for National Archives said suspected malicious files that were found on three of the agency’s computers were actually ‘legitimate’ and ‘not associated with the OPM incident’ as had been speculated.
‘NARA is partnering with DHS and [U.S. Computer Emergency Readiness Team] pro-actively to ensure that NARA systems are protected to the fullest extent possible,’ Laura Diachenko, a National Archives and Records Administration spokeswoman, said in an email
On Tuesday, the agency said it detected two files on the computers that matched some of the criteria that the Department of Homeland Security sent to agencies after the OPM hack – called indicators of compromise, or IOCs. At that time, the agency, told FedScoop that the affected computers were cleaned and reimaged when officials discovered the files. It also said no agency systems were compromised.
On Wednesday, Diachenko said in an email that the files that the files in question were not malware. A DHS representative would not elaborate on what the files were or why they were considered IOCs.