USPS data breach affects over three million

Cyber criminals have broken into the US Postal Service’s network and stolen the data of 2.9 million customers, and 750,000 employees and retirees.

The Postal Service released a statement on Monday, but lacked details of how this breach occurred.

“The Postal Service has recently learned of a cyber-security intrusion into some of our information systems,” the statement said. “We began investigating this incident as soon as we learned of it, and we are cooperating with the investigation, which is ongoing. The investigation is being led by the Federal Bureau of Investigation and joined by other federal and postal investigatory agencies. The intrusion is limited in scope and all operations of the Postal Service are functioning normally.”

We know that cyber forensics isn’t a task that can be performed overnight, so I expect that we won’t know how this breach occurred for at least a couple more weeks.

What data was stolen?

For customers, the data stolen included:

  • Names
  • Addresses
  • Telephone numbers
  • Email addresses

For employees, it was a lot worse:

  • Names
  • Dates of birth
  • Social Security numbers
  • Addresses
  • Other information, including beginning and end dates of employment

Handled well

When a breach happens at a large organization, it’s rare that it’s handled correctly. USPS have handled this breach well, however, and have provided an FAQ page that will answer any questions that people have, as well as providing credit check services to affected employees.

This article will be updated when more information is made available. To ensure you don’t miss these updates, subscribe to our blog.

Subscribe to our hacks and breaches updates

[email-subscribers namefield=”YES” desc=”” group=”databreachupdates”]