A data breach at the United States Postal Service (USPS) has compromised the personal information some 800,000 employees, and now the agency is under fire for delaying informing those employees, reports ABC News.
A computer hack that exposed USPS workers' data including names, dates of birth, Social Security numbers, addresses, dates of employment, and other information was first detected by U.S. Computer Emergency Readiness Team (US-CERT) on Sept. 11, says ABC.
According to Randy Meskanic, a U.S. Postal Service cyber-security official, it wasn't until Oct. 16 that the agency learned that data had indeed been compromised, and on Nov. 4 it confirmed data had been taken. Employees weren't notified of the breach until Nov. 10.
USPS says after being notified of a potential breach on Sept. 11, the FBI urged investigators to work in secret, warning that making the breach public "could result in the threat being further embedded into the Postal Service network," Meskanic testified at a House hearing yesterday.
Meskanic also testified that "approximately 100 servers and their workstations were compromised." Some basic customer information is also believed to have been compromised, including 2.9 million customer complaints stored on a compromised server which held name, address, phone, and email information for those customers, says ABC.
Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader
Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
- Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
