Another week, another corporate data breach. The U.S. Postal Service announced on Monday that personal information of employees and customers may have been compromised during a cyber attack.
In a statement this week, USPS said that it recently became aware that the names, birth dates, addresses, Social Security numbers and emergency contact information of up to 800,000 employees were exposed during an intrusion. Those affected include current and retired employees, as well as employees of the Postal Regulatory Commission, the U.S. Postal Inspection Service and the Postal Service Office of the Inspector General. The agency also said that any customers who contacted the Postal Service Customer Care Center between Jan. 1 and Aug. 16 may have had information exposed, including names, phone numbers and email addresses.
Mitigation efforts ongoing since September
According to USPS media relations manager David Partenheimer, the agency was first alerted to the presence of suspicious activity in mid-September, and attackers were able to invade systems some time after the initial intrusion. Partenheimer explained in a statement that while the USPS has been working to mitigate the effects of the breach for weeks now, it has only now released information to the public because doing so earlier could have jeopardized remediation efforts. The FBI is currently leading an investigation into the breach and is working with the Postal Service to determine the extent of the attack.
In a statement, Postmaster General Patrick Donahoe said that there has so far been no sign of malicious use of the compromised information. While no suspects have yet been named in the breach, in an interview with The Washington Post, Partenheimer said that the attacker is likely "a sophisticated actor that appears not to be interested in identity theft or credit card fraud."
A growing number of major corporations and high-profile organizations, including multiple government agencies, have joined the list of data breach victims, and such cyberattacks will only become more frequent as malicious software becomes more sophisticated and readily available. Those looking to keep their sensitive data out of the hands of hackers need to employ security information and event management (SIEM). Companies with a managed SIEM solution have access to 24/7 network monitoring and event analysis that provides actionable threat intelligence in order to create a more robust and effective enterprise defense posture.