Attacks such as the one that exposed the personal data of millions of U.S. federal workers will continue and are likely to increase, said the head of one agency that thwarts 10 million attempted hacks every month.

Katherine Archuleta, who leads the U.S. Office of Personnel Management (OPM), came under fierce attack during a congressional hearing on Tuesday over the data breach revealed last week. That attack reflected decades of neglect of government computer systems and could have been much worse, Archuleta said.

"In an average month, OPM . . . thwarts 10 million confirmed intrusion attempts targeting our network. These attacks will not stop. If anything, they will increase," she told the House Committee on Oversight and Government Reform. The hearing was the first in Congress since the OPM hack was disclosed earlier this month.

Archuleta said two security breaches OPM detected this spring were discovered and contained because of new security measures taken in the last year. One breach, discovered in April, affected personnel records. The other, detected in May, affected background investigations for current, former and prospective government employees.

Archuleta said 4.2 million employees were affected by the OPM hack discovered in April, but refused to say how many people had been affected in the other attack. She also refused to say how many years' worth of records had been affected.

Archuleta described security measures her agency had taken to encrypt personal data. Both intrusions occurred before the security measures were in place, but Archuleta did not specify when.