The personal information of approximately 237,000 current and former federal government employees has been exposed in a data breach at the US Transportation Department (USDOT). The breach targeted the systems responsible for processing transit benefits for government employees’ commuting costs.
It remains uncertain whether the compromised personal information has been utilized for criminal purposes. USDOT has informed Congress about the breach, indicating that the incident was isolated to specific administrative systems related to transit benefits processing and did not impact transportation safety systems.
At the same time, the USDOT stated that it is conducting an investigation into the breach and has temporarily suspended access to the transit benefit system until security measures are enhanced and the system is restored. The breach affected a total of 114,000 current employees and 123,000 former employees.
While the responsible party behind the hack was not disclosed, the USDOT is actively working to determine the source of the breach.
Furthermore, this breach follows previous cyberattacks targeting federal employees and agencies, such as the 2014 and 2015 breaches at the US Office of Personnel Management (OPM), which compromised sensitive data belonging to over 22 million individuals, including fingerprint data.
In 2021, suspected Russian hackers infiltrated unclassified networks of US federal agencies, including the Justice Department, Treasury, Commerce, and Homeland Security departments, through the use of SolarWinds and Microsoft software.
Finally, this incident highlights the ongoing challenges faced by government institutions in safeguarding sensitive data from cyber threats.
