The United States Postal Service's computer networks were breached, the USPS announced this morning. The breach was discovered back in September -- it's not clear when the actual attack(s) took place -- and the Washington Post is reporting that Chinese government is responsible. The US Federal Bureau of Investigation is leading investigations into the breach; FBI officials aren't saying who they believe is responsible.
The entire USPS staff of over 800,000 employees is affected by the breach: "names, dates of birth, Social Security numbers, addresses, dates of employment and other information" were all taken, according to USPS officials. The breach reportedly doesn't affect USPS customers, both in-store and online via USPS.com, though some customer information (names, email addresses and phone numbers) was also taken -- if you "contacted the Postal Service Customer Care Center via phone or email between January 1st and August 16th." Officials are saying no other customer info was taken. "At this time, we do not believe that potentially affected customers need to take any action as a result of this incident," a statement from the USPS says.
All USPS employees are being offered one free year of credit monitoring in wake of the information breach, though we're guessing that a few of those approximately 800,000 people are seeking employment elsewhere after today's news.
Postmaster General Donahoe says that, during the past few months of investigation, he and the FBI "have seen no evidence of malicious use" of employees' data. Whoever breached the system was after large amounts of US government employee data rather than credit card info -- "a sophisticated actor that appears not to be interested in identity theft or credit card fraud," is how USPS spokesperson David Partenheimer described the intruder to the Washington Post.
"We have recently implemented additional security measures designed to improve the security of our information systems, including certain actions this past weekend that caused certain systems to be off-line," Partenheimer wrote in the USPS statement. "We know this caused inconvenience and partners, and we apologize for any disruption." USPS employees were notified this morning.
Governments engage in information espionage all the time, of course. Both the United States and China are among the world's best at intruding foreign government computer systems and mining for data. That doesn't make it excusable when a government is caught in the act. As former National Security Agency general counsel Stewart A. Baker told the Washington Post, "It's perfectly appropriate for us to do everything we can to embarrass and punish the Chinese if they're in our systems, whether or not we're in theirs."
[Image credit: Shutterstock]