A data breach at the U.S. Department of Transportation (USDOT) exposed the personal information of 237,000 current and former federal government employees, people familiar with the matter said Friday.
The breach affected the system that processes TRANServe transportation benefits, which reimburse government employees for some commuting costs. It is not known whether any personal information was used for criminal purposes.
The U.S. Department of Transportation informed Congress on Friday in an email seen by Reuters that its initial investigation into the data breach “has isolated the breach to certain systems the department uses for administrative functions, such as employee transit benefit processing.” .
The U.S. Department of Transportation said in a statement to Reuters that the flaw did not affect any transportation security systems. It did not say who might be responsible for the hacking.
The department is investigating the breach and has frozen access to the transportation benefits system until it is secured and restored, it said.
The maximum benefit allowance for public transportation commuting expenses for federal employees is $280 per month. The breach affected 114,000 current employees and 123,000 former employees.
Federal employees and agencies have been targeted by hackers in the past.
Two breaches at the US Office of Personnel Management (OPM) in 2014 and 2015 involved the sensitive data of more than 22 million people, including 4.2 million current and federal employees and the fingerprint data of 5.6 million of those individuals.
Suspected Russian hackers used SolarWinds and Microsoft software to infiltrate U.S. federal agencies, breach unclassified Justice Department networks and read emails from the Treasury, Commerce and Homeland Security departments. Nine federal agencies were breached, Reuters reported in 2021.