This week, the United States Postal Service (USPS) became 2014’s latest data breach victim after a cyber attack targeting the organization’s computer systems resulted in the loss of employee information.
Devlin Barrett of the Wall Street Journal reported, “More than 800,000 people, including employees, top directors and regulators, could be affected by a computer systems breach that may have compromised data including names, Social Security numbers and addresses.” Barrett continued, “Employees, some retirees and staffers of the Postal Regulatory Commission, the U.S. Postal Inspection Service and the Postal Service Office of Inspector General have been affected… An unknown number of customers also could have been affected, though not to the same degree.”
Help Net Security shared a statement from the USPS, which said, “Postal Service transactional revenue systems in Post Offices as well as on usps.com where customers pay for services with credit and debit cards have not been affected by this incident. There is no evidence that any customer credit card information from retail or online purchases such as Click-N-Ship, the Postal Store, PostalOne!, change of address or other services was compromised.”
Ellen Nakashima of the Washington Post attributed the attack to hackers allegedly backed by the Chinese Government. Nakashima comments, “The Chinese government has consistently denied accusations that it engages in cyber theft and notes that Chinese law prohibits cybercrime. But China has been tied to several recent intrusions, including one into the computer systems of the Office of Personnel Management and another into the systems of a government contractor, USIS, that conducts security-clearance checks.” Nakashima also notes, “The intrusion into the USPS, officials said, was carried out by a sophisticated actor who did not appear to be interested in identity theft or credit card fraud.”
Does this particular incident have any unique implications impacting national security? While this breach did not necessarily result in the loss of consumer data, what safeguards or precautions should consumers be taking? Let us know your thoughts on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.