Report: Census Hit by Cyberattack, US Count Unaffected

U.S. Census Bureau computer servers were exploited last year during a cybersecurity attack, but it didn’t involve the 2020 census, and hackers’ attempts to keep access to the system were unsuccessful, according to a watchdog report released Wednesday.

The attack took place in January 2020 on the bureau’s remote access servers.

According to the Office of Inspector General, the Census Bureau missed opportunities to limit its vulnerability to the attack and didn’t discover and report the attack in a timely manner. The statistical agency also failed to keep sufficient system logs, which hindered the investigation, and was using operating system no longer supported by the vendor, the watchdog report said.

The bureau’s firewalls stopped the attacker’s attempts to maintain access to the system through a backdoor, but unauthorized changes were still made, including the creation of user accounts, the report said.

In a written response, acting Census Bureau director Ron Jarmin reiterated that none of the systems used for the 2020 census were compromised, nor was the nation’s once-a-decade head count affected in any way.

“Furthermore, no systems or data maintained and managed by the Census Bureau on behalf of the public were compromised, manipulated or lost,” Jarmin wrote.

The 2020 head count data was being used to determine how many congressional seats each state gets and for the drawing of congressional and legislative districts. The data also is used for helping distribute $1.5 trillion in federal spending each year.

The Census Bureau on Wednesday released a set of measurements that reveal how people were counted and whether administrative records or a statistical technique were used to fill in the gaps for households where people didn’t respond to the 2020 census questionnaire. 

The bureau had previously released state-level data, and the information released Wednesday were summaries of county and tract level data.

They showed that the use of a statistical technique called imputation was highest in counties in Louisiana and New York. Imputation involves using information about neighbors with similar characteristics to fill in head counts or demographic characteristics for households lacking data. 

The count in Louisiana was challenged by a series of hurricanes last year, and some census takers reported difficulties getting access to apartment buildings in major cities due to the pandemic.

In some cases, census takers were only able to get a count of the number of people living in a home without getting information about the race, sex, age or relationships in the household. Counties in Connecticut, Delaware, Maryland and New York, on average, were higher than the national average.

The Census Bureau said in a statement that the measurements reflect what was expected in a “normally distributed population.”

“Some counties and tracts are higher on some metrics and some are lower on other metrics, but no signs point to anything unexpected in the results,” the statement said.