Sources briefed on the matter revealed that a data breach at the U.S. government Transportation Department (USDOT) has exposed the personal information of 237,000 current and former federal government employees.
The breach specifically targeted the systems responsible for processing TRANServe transit benefits, which provide reimbursement for commuting expenses to government employees.
It remains unclear if any individuals have utilized the compromised personal information for illicit activities. In an email sent to Congress, USDOT stated that their initial investigation had identified the breach as limited to certain administrative systems used for employee transit benefits processing.
USDOT said in a statement to Reuters the breach did not affect any transportation safety systems. It did not say who might be responsible for the hack.
The department is conducting an active investigation into the breach . They have implemented measures to freeze access to the transit benefit system . This is until they can secure and restore it.
The maximum benefit allowance is $280 per month for federal employee mass transit commuting costs. The breach impacted 114,000 current employees and 123,000 former employees.
Federal employees and agencies have been target of hackers in the past.
Two breaches at the U.S. Office of Personnel Management (OPM) in 2014 and 2015 compromised sensitive data belonging to more than 22 million people. This was including 4.2 million current and federal employees along with fingerprint data of 5.6 million of those individuals.
Suspected Russian hackers who used SolarWinds and Microsoft software to burrow into U.S. federal agencies breached unclassified Justice Department networks and read emails at the Treasury, Commerce and Homeland Security departments. Nine federal agencies were breached, Reuters reported in 2021.