According to sources, in a recent data breach at the US Transportation Department (USDOT), the personal data of 237,000 US federal government employees both current and former has been exposed.
The breach affected systems used to process TRANServe transit benefits, which reimburse government employees for some commuting expenses. It was unclear whether any of the personal data had been used for criminal purposes.
In an email obtained by Reuters on Friday, the USDOT informed Congress that its initial investigation into the data breach had “isolated the breach to certain systems at the department used for administrative functions, such as employee transit benefits processing.”
The USDOT informed Reuters that the breach had no impact on transportation safety systems. However, it didn’t say who was responsible for the hack.
According to the department, it is investigating the breach and has frozen access to the transit benefit system until it is secured and restored.
The maximum benefit allowance for federal employees’ mass transit commuting costs is $280 (approximately Rs. 23,000) per month. 114,000 current employees and 123,000 former employees were affected by the breach.
Hackers have previously targeted federal employees and agencies.
In 2014 and 2015, two breaches at the US Office of Personnel Management (OPM) compromised sensitive data belonging to more than 22 million people, including 4.2 million current and federal employees, as well as the fingerprints of 5.6 million of those individuals.
Russian hackers are suspected of breaching unclassified Justice Department networks and reading emails at the Treasury, Commerce, and Homeland Security departments using SolarWinds and Microsoft software. Reuters reported in 2021 that nine federal agencies had been breached.