A data breach at the US Department of Transportation (USDOT) has exposed the data of 237,000 former and current federal employees.
The breach was found to have affected USDOT’s TRANServe system for employee commuting reimbursement, which contains personal data pertaining to government workers.
USDOT stressed that no wider transport systems are linked to TRANServe, and no criminal use of the data has been detected at present.
Congress was made aware of the incident via email on 12 May, and USDOT has frozen access to the system while an investigation is underway.
Reuters reported that within the email, USDOT wrote it had "isolated the breach to certain systems at the department used for administrative functions, such as employee transit benefits processing”.
Almost half of those affected still work at the USDOT, with 114,000 current employees affected by the breach in addition to 123,000 former employees.
Federal branches are often subject to cyber security incidents due to the sensitive nature of information stored in their databases.
In January, the Cybersecurity and Infrastructure Security Agency (CISA) stated that federal civilian executive branch (FCEB) agencies had been targeted as part of a phishing campaign that went undetected for months.
Nine steps to proactively manage data privacy and protection
Build trust with your employees, customers, and third parties
Threat actors had socially-engineered victims into opening malicious links over the phone, under the false claim that they had a financial claim to address.
CISA has engaged in an aggressive internal campaign to tighten cyber security across federal computer systems.
In October 2022 it issued new vulnerability detection orders requiring FCEB agencies to perform weekly checks on assets, and fortnightly vulnerability enumeration with results shared on the same regular basis.
CISA frequently updates its list of exploited vulnerabilities, through which it keeps federal agencies appraised of active cyber threats that require immediate mitigation to avoid.
Well-known vulnerabilities such as Log4Shell are often behind attacks on federal systems in the past year, with Iranian state-sponsored hackers discovered to have breached a federal agency in February 2022.
Despite having been discovered in December 2021, Log4Shell issues continue to plague businesses with research by cyber security firm Tenable having found that 72% of firms sre still vulnerable to the vulnerability.
