Personal Data of 237,000 US Government Employees Breached
The US Transport Department has experienced a data breach targeting administrative systems such as the TRANServe transit benefit processing system, which provides reimbursement for commuting expenses to government employees. The breach has exposed the personal information of 237,000 employees, both current and former.
According to an email seen by Reuters, USDOT informed Congress on Friday that their initial investigation has isolated the breach. USDOT also stated to Reuters that the breach did not have any impact on transportation safety systems.
However, the responsible party behind the hack was not disclosed. There has also been no information on the exact nature of the data that has been compromised as of yet. Additionally, it remains uncertain whether the compromised personal information has already been used for illicit activities.
The department has initiated an investigation into the breach and has temporarily suspended access to the transit benefit system until security measures have been strengthened and the system restored. The breach has affected 114,000 current employees and 123,000 former employees.
In a recent report released by the US Government Accountability Office (GAO), it was revealed that the Department of Transportation (DoT) has partially failed to fulfill certain priority recommendations regarding cybersecurity. The report highlights a range of shortcomings within the DoT's cybersecurity practices, including some that may have contributed to this recent breach.
The personal information of government employees were also compromised by hackers as recently as of March this year. A number of staff of the US House, along with Members themselves and their family members, had their data stolen in a breach of DC Health Link, the health insurance provider offered to eligible employees and Members. This stolen data was then listed for sale on the dark web.