FBI Investigating Postal Service Cyber Attack

The U.S. Postal Service announced Nov. 10 that it had recently learned of a cyber security intrusion into some of its information systems. Employees' information, not customers' data, may have been compromised.

The U.S. Postal Service and several other agencies are investigating a cyber attack on the USPS information systems, the agency announced Nov. 10, adding that employees' data, rather than customers' sensitive information, may have been compromised. USPS posted a FAQ document about the intrusion that said, "We are unaware of any evidence that any of the compromised information has been used to engage in any malicious activity."

USPS has more than 500,000 employees -- about 490,000 career employees and another 137,037 non-career employees as of Jan. 21, 2014, according to data available on its website. USPS said it is offering employees one year of free credit monitoring but is not offering that to customers because its investigation has not shown there is any need for customer credit monitoring as a result of this intrusion. The investigation also has found no evidence of any customer data being compromised from the passport application process.

"We are working closely with the Federal Bureau of Investigation, Department of Justice, the USPS Office of Inspector General, the Postal Inspection Service and the U.S. Computer Emergency Readiness Team. The Postal Service has also brought in private sector specialists in forensic investigation and data systems to assist with the investigation and remediation to ensure that we are approaching this event in a comprehensive way, understanding the full implications of the cyber intrusion and putting in place safeguards designed to strengthen our systems," one answer in the document explained.

The FBI is leading the investigation.

"[Employee] information potentially compromised in the incident may include personally identifiable information about employees, including names, dates of birth, Social Security numbers, addresses, beginning and end dates of employment, emergency contact information and other information," according to the USPS statement. "Postal Service transactional revenue systems in Post Offices as well as on usps.com where customers pay for services with credit and debit cards have not been affected by this incident. There is no evidence that any customer credit card information from retail or online purchases such as Click-N-Ship, the Postal Store, PostalOne!, change of address or other services was compromised. The intrusion also compromised call center data for customers who contacted the Postal Service Customer Care Center with an inquiry via telephone or e-mail between Jan. 1, 2014, and Aug. 16, 2014. This compromised data consists of names, addresses, telephone numbers, email addresses and other information for those customers who may have provided this information. At this time, we do not believe that potentially affected customers need to take any action as a result of this incident."

Download Center

HTML - No Current Item Deck
  • Free Safety Management Software Demo

    IndustrySafe Safety Management Software helps organizations to improve safety by providing a comprehensive toolset of software modules to help businesses identify trouble spots; reduce claims, lost days, OSHA fines; and more.

  • Get the Ultimate Guide to OSHA Recordkeeping

    When it comes to OSHA recordkeeping there are always questions regarding the requirements and in and outs. IndustrySafe is here to help. We put together this page with critical information to help answer your key questions about OSHA recordkeeping.

  • Safety Training 101

    When it comes to safety training, no matter the industry, there are always questions regarding requirements and certifications. We put together a guide that’s easy to digest so you can ensure you're complying with OSHA's training standards.

  • Conduct EHS Inspections and Audits

    Record and manage your organization’s inspection data with IndustrySafe’s Inspections module. IndustrySafe’s pre-built forms and checklists may be used as is, or can be customized to better suit the needs of your organization.

  • Track Key Safety Performance Indicators

    IndustrySafe’s Dashboard Module allows organizations to easily track safety KPIs and metrics. Gain increased visibility into your business’ operations and safety data.

  • Industry Safe
comments powered by Disqus