Breach at US Transportation Department exposes 240,000 employee records


A data breach at the US Department of Transportation (USDOT) has exposed the data of 237,000 former and current federal employees.

The breach was found to have affected USDOT’s TRANServe system for employee commuting reimbursement, which contains personal data pertaining to government workers.

USDOT stressed that no wider transport systems are linked to TRANServe, and no criminal use of the data has been detected at present.

Congress was made aware of the incident via email on 12 May, and USDOT has frozen access to the system while an investigation is underway.

Reuters reported that within the email, USDOT wrote it had "isolated the breach to certain systems at the department used for administrative functions, such as employee transit benefits processing".

Almost half of those affected still work at the USDOT, with 114,000 current employees affected by the breach in addition to 123,000 former employees.

Federal branches are often subject to cyber security incidents due to the sensitive nature of information stored in their databases.

In January, the Cybersecurity and Infrastructure Security Agency (CISA) stated that federal civilian executive branch (FCEB) agencies had been targeted as part of a phishing campaign that went undetected for months.


Threat actors had socially engineered victims into opening malicious links over the phone, under the pretense that they had a financial claim to address.

CISA has engaged in an aggressive internal campaign to tighten cyber security across federal computer systems.

In October 2022 it issued new vulnerability detection orders requiring FCEB agencies to perform weekly checks on assets, and fortnightly vulnerability enumeration with results shared on the same regular basis.

CISA frequently updates its list of exploited vulnerabilities, through which it keeps federal agencies apprised of active cyber threats that require immediate mitigation.

Well-known vulnerabilities such as Log4Shell have often been behind attacks on federal systems in the past year, with Iranian state-sponsored hackers discovered to have breached a federal agency in February 2022.

Despite having been discovered in December 2021, Log4Shell continues to plague businesses, with research by cyber security firm Tenable finding that 72% of firms are still vulnerable to it.

Rory Bathgate

Rory Bathgate is a staff writer at ITPro covering the latest news on UK networking and data protection, privacy and compliance. He can sometimes be found on the ITPro Podcast, swapping a keyboard for a microphone to discuss the latest in tech trends.
