14 DAY TRIAL // Unknown attackers have breached the computer systems of the US Postal Service (USPS) and accessed without authorization sensitive details about employees and customers.
Multiple investigative efforts are poured into the analysis of the incident, the FBI being in command of the operation, helped by other federal and postal investigatory agencies.
There aren’t too many details available at the moment, except for the type of information exposed, which includes details from both employees and customers.
Millions of individuals allegedly affected by the attack
In a statement from USPS about the unfortunate event, media relations manager David Partenheimer says that, in the case of the employees, the attackers succeeded in accessing names, dates of birth, social security numbers, addresses, beginning and end dates of employment, emergency contact information.
He also informs that data about customers has been exposed as well, as the intrusion affected a call center. Clients calling for inquiries between January 1 and August 16 have been impacted, with names, addresses, telephone numbers, email addresses and other information being leaked to the attacker(s). Fortunately, payment card data has not been impacted by the incident.
“The recent breach at USPS reinforces that data is the new currency and attackers are going after rich veins of private information, whether it’s employee or customer data,” said via email Eric Chiu, president and co-founder of HyTrust.
The Postal Service did not reveal any information about the number of impacted individuals, but according to CNN, it would seem that about 750,000 employees and retirees, and some 2.9 million clients, have their data at risk.
“In many ways, employee data is even more valuable because companies store very sensitive information like Social Security, contact, healthcare, and financial data on employees which can be used to hijack a person's financial identity,” warned Eric Chiu.
Increased security added to the computer systems
The delay in announcing the breach was caused by the need to upgrade the security of the system in order to prevent such incidents in the future. This resulted in the network of the service being impaired over the weekend.
Among the measures taken, there are system upgrades and stricter employee policies and procedures that are scheduled to roll out in the following days and weeks.
In a FAQ post, USPS announces that employees are offered free credit monitoring services for one year, because of identity theft risk.
For the moment, there is no evidence that the stolen information has been used for nefarious purposes.