Data breach exposes personal info of 237,000 US govt employees

A massive data breach at US Transportation Department (USDOT) compromised the personal information of around 237,000 current and former federal government employees, Reuters quoted sources as saying on Friday.

Sources said the breach targeted the systems used to process the government employees' TRANServe transit benefits that deal with the reimbursement of some commuting costs.

There were no immediate reports about the leak of personal information or its criminal use.

USDOT informed Congress Friday in an email seen by Reuters that its initial investigation of the data breach has "isolated the breach to certain systems at the department used for administrative functions, such as employee transit benefits processing."

USDOT said in a statement to Reuters the breach did not affect any transportation safety systems. It did not say who might be responsible for the hack.

The department is investigating the breach and has frozen access to the transit benefit system until it has been secured and restored, it said.

The maximum benefit allowance is $280 per month for federal employee mass transit commuting costs. The breach impacted 114,000 current employees and 123,000 former employees.

Federal employees and agencies have been target of hackers in the past.

Two breaches at the U.S. Office of Personnel Management (OPM) in 2014 and 2015 compromised sensitive data belonging to more than 22 million people, including 4.2 million current and federal employees along with fingerprint data of 5.6 million of those individuals.

Suspected Russian hackers who used SolarWinds and Microsoft software to burrow into U.S. federal agencies breached unclassified Justice Department networks and read emails at the Treasury, Commerce and Homeland Security departments. Nine federal agencies were breached, Reuters reported in 2021.