Cybersecurity

USPS breach wider than first reported

Shutterstock image: breached lock.

Social Security numbers of U.S. Postal Service employees weren't the only data to be affected in September's cybersecurity breach at USPS. The agency is now saying that the medical records of as many as 485,000 employees might also have been accessed.

USPS alerted potential breach victims -- current and past employees who filed injury compensation claims between November 1980 and August 2012 -- with individual letters explaining their specific situations.

In the Dec. 10 letter to employees, USPS Chief Human Resources Officer Jeffrey Williamson said the potentially compromised information was stored in "a file relating to injury compensation claims," which includes medical information associated with that claim. NextGov first reported on the breach of the medical files.

Spokesman Dave Partenheimer said the information accessed in the breach can include victims names, addresses and Social Security numbers, as well as their medical information.

At a National Press Club event in Washington, D.C. on Jan. 6, Postmaster General Patrick Donahoe said at the time of the breach USPS was following best practices and recommendations of the private sector and federal government – but considering the number of network breaches in the public and private sector during the time, that might not assuage many of those affected.

Donahoe describes USPS's cybersecurity posture as similar to most organizations -- a wall keeping malicious intruders out -- but said that in the months following the breach, improvements have been made.

"We've now employed a substantial change in not only maintaining the wall and building the wall to be stronger, [with] much more scanning internally," Donahoe said. "There's a lot of new products on the market right now that are not even for sale yet that we are using."

USPS has also hired a third party to conduct an "over the shoulder" review of its cybersecurity program. Donahoe said the goal is "to make sure that everything we're doing is better than industry standards."

The results of that review will not be made public, Donahoe said.

About the Author

Colby Hochmuth is a former staff writer for FCW.

Featured

  • Oversight
    President of the United States of America, Donald J. Trump, attends the 2019 Army Navy Game in Philadelphia, Pa., Dec. 14, 2019. (U.S. Army photo by Sgt. Dana Clarke)

    Trump shakes up official watchdog ranks

    The White House removed an official designated to provide oversight to the $2 trillion rescue and relief fund and nominated a raft of new appointees to handle oversight chores at multiple agencies.

  • Workforce
    coronavirus molecule (creativeneko/Shutterstock.com)

    OMB urges 'maximum telework flexibilities' for DC-area feds

    A Sunday evening memo ahead of a potentially chaotic commute urges agency heads to pivot to telework as much as possible.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.