Breach at US Transportation Department exposes 240,000 employee records

A low-saturation photo of an open padlock lying on a circuitboard to represent stolen data
(Image credit: Bigstock)

A data breach at the US Department of Transportation (USDOT) has exposed the data of 237,000 former and current federal employees.

The breach was found to have affected USDOT’s TRANServe system for employee commuting reimbursement, which contains personal data pertaining to government workers.

USDOT stressed that no wider transport systems are linked to TRANServe, and no criminal use of the data has been detected at present.

Congress was made aware of the incident via email on 12 May, and USDOT has frozen access to the system while an investigation is underway.

Reuters reported that within the email, USDOT wrote it had "isolated the breach to certain systems at the department used for administrative functions, such as employee transit benefits processing”.

Almost half of those affected still work at the USDOT, with 114,000 current employees affected by the breach in addition to 123,000 former employees.

Federal branches are often subject to cyber security incidents due to the sensitive nature of information stored in their databases.

In January, the Cybersecurity and Infrastructure Security Agency (CISA) stated that federal civilian executive branch (FCEB) agencies had been targeted as part of a phishing campaign that went undetected for months.

RELATED RESOURCE

Whtiepaper cover with green title over image of female wearing glasses smiling at camera

(Image credit: ServiceNow)

Nine steps to proactively manage data privacy and protection

Build trust with your employees, customers, and third parties

DOWNLOAD FOR FREE

Threat actors had socially-engineered victims into opening malicious links over the phone, under the false claim that they had a financial claim to address.

CISA has engaged in an aggressive internal campaign to tighten cyber security across federal computer systems.

In October 2022 it issued new vulnerability detection orders requiring FCEB agencies to perform weekly checks on assets, and fortnightly vulnerability enumeration with results shared on the same regular basis.

CISA frequently updates its list of exploited vulnerabilities, through which it keeps federal agencies appraised of active cyber threats that require immediate mitigation to avoid.

Well-known vulnerabilities such as Log4Shell are often behind attacks on federal systems in the past year, with Iranian state-sponsored hackers discovered to have breached a federal agency in February 2022.

Despite having been discovered in December 2021, Log4Shell issues continue to plague businesses with research by cyber security firm Tenable having found that 72% of firms sre still vulnerable to the vulnerability.

Rory Bathgate
Features and Multimedia Editor

Rory Bathgate is Features and Multimedia Editor at ITPro, overseeing all in-depth content and case studies. He can also be found co-hosting the ITPro Podcast with Jane McCallion, swapping a keyboard for a microphone to discuss the latest learnings with thought leaders from across the tech sector.

In his free time, Rory enjoys photography, video editing, and good science fiction. After graduating from the University of Kent with a BA in English and American Literature, Rory undertook an MA in Eighteenth-Century Studies at King’s College London. He joined ITPro in 2022 as a graduate, following four years in student journalism. You can contact Rory at rory.bathgate@futurenet.com or on LinkedIn.