DOT Investigating Giant Data Breach

Data on 237,000 existing and former personnel was stolen.

Source : Unsplash by FLY:D

May 22, 2023

Author : Patty Allen

The United States Depart of Transportation (DOT) recently faced a massive data breach involving its administrative system. 

Reuters first reported the incident that more than 237,000 existing and former personnel of the department had their personal information hacked by anonymous hackers who allegedly infiltrated the agency’s networked systems.

According to a preliminary investigation, the breach was limited to software used to process employee transit benefits, and no transportation safety systems were attacked. The DOT failed to identify the potential source of the giant data breach of the cyber attack. 

In an email sent to the US Congress by the DOT it was clarified that in the initial investigation the DOT isolated the attack to particular systems used by the administrative department. 

The report further stated that the cybersecurity attack affected TRANServe’s transportation benefits processing systems. However, the DOT also confirmed that it was unclear whether the personal information of the employees had been used for criminal purposes. 

After detecting the cyberattack, the DOT reached out to the Cybersecurity and Infrastructure Security Agency. It suspended access to relevant systems while the issue was further investigated and secured and restored the systems. 

The DOT breach occurred when the federal government was still reeling from a March incident that disclosed the sensitive healthcare information of 17 House of Representatives, 43 dependents, and 585 House staff members. 

The DOT and its leader, Transportation Secretary Pete Buttigieg, had also come under criticism earlier this year after several fights across the United States were grounded due to a computer system failure at the office of the Federal Aviation Administration. 

Federal information systems have always been a ripe target for hackers. In fact, the FBI was hacked twice in the last year. In early 2020, the Justice Department too suffered a massive breach of the federal court docketing system.

In March, President Joe Biden had warned US departments of intelligence suspecting a Russian cyber threat and urging US agencies to “immediately” prepare defenses. In a statement, he said, “If you have not already done so, I urge our private sector partners to harden your cyber defenses immediately.”

Biden also said that there was “evolving intelligence” that the Russian government was launching cyberattacks against the United States in response to the wave of Western sanctions hurled at Russia in light of the Ukraine crisis. He announced that the US government planned on using “every tool” to respond to and counter Russia’s cyberattacks. 

However, since the majority of the critical infrastructure in the US is owned and operated by private companies, the state couldn’t force them to undertake cybersecurity measures. Thus, Biden encouraged them to "accelerate efforts to lock their digital doors."

In a briefing with reporters, US Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger said that despite the US President's warning, there was no certainty of a cyber incident on crucial infrastructure. She added that despite the government’s attempts to strengthen strategies in the cybersecurity field, there’s still a lot left to do to restore confidence that the United States has securely locked its digital doors. 

Category : Cyber Security Federal Government Tech

Related Article