Cybersecurity

USPS breach wider than first reported

Shutterstock image: breached lock.

Social Security numbers of U.S. Postal Service employees weren't the only data to be affected in September's cybersecurity breach at USPS. The agency is now saying that the medical records of as many as 485,000 employees might also have been accessed.

USPS alerted potential breach victims -- current and past employees who filed injury compensation claims between November 1980 and August 2012 -- with individual letters explaining their specific situations.

In the Dec. 10 letter to employees, USPS Chief Human Resources Officer Jeffrey Williamson said the potentially compromised information was stored in "a file relating to injury compensation claims," which includes medical information associated with that claim. NextGov first reported on the breach of the medical files.

Spokesman Dave Partenheimer said the information accessed in the breach can include victims names, addresses and Social Security numbers, as well as their medical information.

At a National Press Club event in Washington, D.C. on Jan. 6, Postmaster General Patrick Donahoe said at the time of the breach USPS was following best practices and recommendations of the private sector and federal government – but considering the number of network breaches in the public and private sector during the time, that might not assuage many of those affected.

Donahoe describes USPS's cybersecurity posture as similar to most organizations -- a wall keeping malicious intruders out -- but said that in the months following the breach, improvements have been made.

"We've now employed a substantial change in not only maintaining the wall and building the wall to be stronger, [with] much more scanning internally," Donahoe said. "There's a lot of new products on the market right now that are not even for sale yet that we are using."

USPS has also hired a third party to conduct an "over the shoulder" review of its cybersecurity program. Donahoe said the goal is "to make sure that everything we're doing is better than industry standards."

The results of that review will not be made public, Donahoe said.

About the Author

Colby Hochmuth is a former staff writer for FCW.

Featured

  • IT Modernization
    Eisenhower Executive Office Building (Image: Wikimedia Commons)

    OMB's user guide to the MGT Act

    The Office of Management and Budget is working on a rules-of-the-road document to cover how agencies can seek and use funds under the MGT Act.

  • global network (Pushish Images/Shutterstock.com)

    As others see us -- a few surprises

    A recent dinner with civil servants from Asia delivered some interesting insights, Steve Kelman writes.

  • FCW Perspectives
    cloud (Singkham/Shutterstock.com)

    A smarter approach to cloud

    Advances in cloud technology are shifting the focus toward choosing the right tool for the job and crafting solutions that truly modernize systems.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.