The Russians could reportedly only crack "moderately encrypted" radio systems like those the FBI used, and not the strongest protections, but that was still worrying -- and it wasn't certain just how Russia compromised the systems. Some officials worried Russia might have a mole, but that wasn't clear. An anonymous CIA officer speaking to Yahoo News said that Russia had a habit of disguising human sources as technical attacks. They may have simply loitered in areas where they could listen in on conversations.
The FBI clamped down by switching to new, better-encrypted radios. And thankfully, the damage appeared to have been less dangerous than it could have been. American intelligence also found that the breaches had limited effect, according to the sources. To some degree, the Russians were stymied by their own efforts -- they couldn't take some actions lest they reveal that they'd cracked the codes.
Even so, the breach hurt American intelligence after the seriousness of the breaches became clear in 2012. The FBI apparently cut contacts with some of its Russian sources, while other sources broke off communications. The CIA also halted some communications. And numerous government facilities made simple changes to their practices, such as changing encryption codes more frequently and moving chats away from windows.
As to why the White House didn't act sooner? Supposedly, there was a "reset hangover" where conflicting reports on Russia's sincerity about cooperation led some administration officials to maintain hope for cooperation even as Russia was stepping up its intelligence efforts. The 2016 election meddling was an acknowledgment that the situation wasn't going to get better. And between ongoing Russian interference and gradually returning spies, US agencies will have to keep their guard up.