The United States Postal Service just announced that hackers breached its computer systems and compromised the data of all 800,000 employees. This one is bad. It appears that the criminals responsible potentially had full access to names, birth dates, addresses and Social Security numbers.
But it's not just Postal employees who are at risk. There was some customer data on the hacked servers as well. And who are USPS' customers? Only every single address in the U.S.
If you're employed by USPS, you've no doubt been notified already. Your identity is now at serious risk, and you need to take all the necessary precautions to protect yourself. Click here to learn how to defend against ID theft. The Postal Service has also offered a year of free credit monitoring to employees.
The postmaster general is assuring people that no illegal activity has been seen, but it could be just a matter of time until hackers use the stolen info for fraudulent transactions. The New York Times had this quote:
“It’s an unfortunate fact of life these days that every organization connected to the Internet is a constant target for cyberintrusion activity,” Patrick R. Donahoe, the postmaster general, said in a written statement. “The United States Postal Service is no different. Fortunately, we have seen no evidence of malicious use of the compromised data.”
Unfortunately, we also know that the Postal Service knew about this breach back in September, but only now is revealing it to its employees and the public. That's what makes this so bad: It's not just USPS employees at risk.
USPS employee information wasn't the only personal data stored in the hacked computers. If you called customer service, your phone number and address may have been on the servers at the time of the hack. That means you're now at high risk of spear-phishing attacks. That's when hackers use known information like an address to specifically target you with a scam.
Unlike the recent White House attack that was traced to Russian hackers, experts believe this one was perpetrated by people in China. The scary thing is we don't know why Chinese hackers would target the USPS:
If the attack was Chinese in origin, it raises the question of what the value would be in obtaining personal information about employees and customers. Unlike the White House, the Postal Service does not handle much classified or otherwise secret information. But some cyberexperts speculate that what the intruders are seeking is an understanding of how federal computer systems operate, and what kinds of data were available.
If hackers could take a run at the Postal Service, they could take a run at your small business, too. Click here to learn how to avoid cyberattacks on your small business.