Massive Postal Service breach hits employees and customers

  • 10 November 2014
  • 9 replies
  • 2 views

Userlevel 7
Badge +54
This is getting crazy. Another huge breach is coming to light now, this one with the U.S. Postal System.
 
By Evan Perez, CNNNovember 10, 2014 -- Updated 1617 GMT (0017 HKT) "Washington (CNN) -- Hackers recently broke into a U.S. Postal Service computer system and stole personal data, including social security numbers, for 750,000 employees and retirees, a U.S. official familiar with the breach told CNN on Monday.
The breach also compromised the data of 2.9 million postal service customers, the official said.
The Postal Service acknowledged the breach in a statement Monday but didn't provide details.
A USPS statement said: "The Postal Service has recently learned of a cyber-security intrusion into some of our information systems. We began investigating this incident as soon as we learned of it, and we are cooperating with the investigation, which is ongoing. The investigation is being led by the Federal Bureau of Investigation and joined by other federal and postal investigatory agencies. The intrusion is limited in scope and all operations of the Postal Service are functioning normally."
 
Full Article and Video

9 replies

Userlevel 7
Crazy indeed.   I wonder how long they took from detecting the issue before they started notifying affected employees/customers and the public?
Userlevel 7
Badge +54
@ I hate to be the one to alarm you BUT and it is a but, IF the reports are right it was discovered in September.
 
by Ben Gilbert
 
The United States Postal Service's computer networks were breached, the USPS announced this morning. The breach was discovered back in September -- it's not clear when the actual attack(s) took place -- and the Washington Post is reporting that Chinese government is responsible. The US Federal Bureau of Investigation is leading investigations into the breach; FBI officials aren't saying who they believe is responsible.
 
Full Article
 
Userlevel 7
Why do they take so LONG to begin advising customers that their info may possibly have been breached.  INEXCUSEABLE.
 
 
Userlevel 7
Badge +54
It is time that if a breach is not disclosed in a timely manner that criminal proceedings were started. I can understand maybe 2 or 3 days but months is ridiculous.
Userlevel 6
This is a pretty big breach if we consider the expanse of the USPS, how embedded it is into the lived of everyone in the US, and just how many people are employeed with the organization.
 
Summary: China is high on the list of suspects as President Obama meets with the Chinese premier to discuss, among other things, cybersecurity.
By Zack Whittaker for Zero Day


 
Hackers have breached US Postal Service networks, leading to a significant breach of employee data.
 
The US Postal Service said on Monday the break-in was discovered in mid-September, according to the Washington Post. Although officials declined to comment on who they thought was responsible, hackers associated with the Chinese government are said to be high on the list.
 
Data of more than 800,000 employees has been compromised. That data includes names, dates of birth, Social Security numbers, and addresses.
 
No customer data was taken, the US Postal Service said.
 
According to a USPS spokesperson who spoke to the Post, the attack was led by a "sophisticated actor that appears not to be interested in identity theft or credit card fraud."
Userlevel 7
Yes.. this is does look pretty serioud.  @  Do you mind if I merge this into Jaspers thread on this?
Userlevel 5
Thank god my dad and mom don't use the U.S. Postal Service.
Userlevel 7
Badge +54
11/11/2014 Jai Vijayan
 
Employee VPN taken down -- will not be restored until more secure version can be installed, Postal Service says after breach exposes data on 800,000 employees and 2.9 million customers.
 The United States Postal Service (USPS) has suspended telecommuting for employees while it works to remediate a network intrusion that has exposed data on some 800,000 postal workers and an additional 2.9 million customers.
The virtual private network (VPN) service for postal employees was taken down this weekend and will not be brought back up until a version with more robust security features can be installed, USPS spokesman David Partenheimer said in an emailed comment to Dark Reading.
“As a result, telecommuting has been suspended until further notice,” he said.
 
Full Article
Userlevel 7
Badge +54
Marcos Colón, Online Editor   November 20, 2014
 
The United States Postal Service (USPS) was scolded by members of a congressional subcommittee in a hearing over its response to the recent data breach that impacted its network and employees.
Members of the USPS testified before a House subcommittee Wednesday and were questioned over its response and notification time related to the incident which affected more than 800,000 USPS employees.
“I am very disappointed in the way you handled this…you have to be more forthcoming,” Rep. Stephen Lynch (D.-Mass.) told testifying members of the USPS.
 
Full Article

Reply