The U.S. Transportation Department (USDOT) notified Congress on May 12th that the personal information of 237,000 current and former federal government employees had been exposed in a data breach. The breach hit systems for processing TRANServe transit benefits, which reimburse government employees for some commuting costs.
The transit benefit system has been frozen until the platform can be secured, according to Reuters.
The personal information that was exposed includes names, Social Security numbers, birthdates, and addresses. It is not clear if any of the personal information has been used for criminal purposes.
The USDOT has not provided any information that may attribute the attack to a specific nation or hacking group.
USDOT is investigating the breach and has taken steps to secure the affected systems. The department is also offering free credit monitoring and identity theft protection to affected employees.
The US government has long been a hacking target for personally identifiable information. The Office of Personnel Management (OPM) breach in 2014 and 2015 compromised sensitive personal data of over 22 million Americans. Fingerprint data for over 5.6 million individuals was included in that breach.
