"Not only was a large volume (11 out of 47 systems) of OPM's IT systems operating without a valid Authorization, but several of these systems are among the most critical and sensitive applications owned by the agency, " Michael Esser, OPM's assistant inspector general for audits, wrote in testimony prepared for committee.

CNN: U.S.: Hack of 18 million Americans came from China