The first media reports and screaming headlines made it seem like CIA had sent wet-work teams to break into DiFi's office to bug her computer, ala Watergate. Slowly the hysteria has been walked back, but some still persists. This Arstechnica headline for instance: "How CIA snooped on Senate Intel Committee’s filesIt's easy to search someone's network when you hired the IT department"
First off, they weren't SSCI's files, they were CIA files in a CIA database that SSCI staffers were allowed access to. Additionally, it wasn't "someone's network" (i.e. SSCI's), it was a CIA network* that contained said database and files. So of course they hired the IT department. But if you read most of the press, you would think CIA was hacking Capitol Hill.
*The Arstechnica article calls it a "stand-alone network not connected to the CIA’s that could only be accessed by CIA personnel with the permission of the Senate staff." I would contend that this is still technically a CIA network, since they paid for it, built it, and maintained it. If they accessed it against an agreement, I will leave that to the lawyers to decide if that is "illegal")
Aside from the detailed piece linked above, I highly recommend Eli Lake's article from last Friday, for a balanced piece of reporting: What's Inside CIA's 'Black Site' Database? And Were Senate Staffers Allowed to See?
Now whether or not the monitoring/auditing done was normal innocuous IT activity, or the crime that DiFi seems to think it is, I have no idea. But I do know that most reporting has been based on speculation, misinterpretation, and projection, not actual facts. Like the ones Eli Lake was able to report last week.
On one last note, I am not sure how DiFi can claim that this is some grand 4th Amendment violation, given that the staffers are USG employees, doing USG work, on USG systems. Even if the activity was illegal, it in no way violated their expectations of personal privacy. Every USG computer system (and phone) is required to have disclaimers stating that their use implies a "Consent to be monitored".
And given that post-Snowden, NSA was roasted for not monitoring what files their own people could access, shouldn't we applaud CIA to for perhaps tracking which files non-agency employees accessed? You know, just in case they end up on the front page of the Guardian...