Data breaches are not unusual in this day and age. In fact, the frequency of such incidents makes them look like the norm. However, it becomes more alarming when things go wrong at government institutions. Recently, the State Department endured a speculated cyber attack on their email system, resulting in a compromise of some of its data. Specifically, the State Department email breach affected a small proportion of employees exposing their personal records.
The US State Department’s classified email system was not affected by the breach, it said.
The news about the State Department email breach surfaced online after a report from Politico. Whilst sharing a copy of the official notice about the breach, the source reported that the State Department generated alerts on September 7, 2018, to inform employees of the breach. As disclosed, the breach exposed the personal data of victim employees. Nevertheless, the incident only affected 1% of staff inboxes.
“The department recently detected the activity of concern in its unclassified email system affecting less than 1% of employees inboxes,” the warning read. According to the department’s own records, it employs 69,000 people, of which about 600-700 were affected by the breach.
As stated in the notice, “We have determined that certain employees’ personally identifiable information (PII) may have been exposed. We have notified those employees.”
The warning established that employees’ PII may have been exposed. However, it did not specify exactly what information had been accessed. The department was investigating the cause by working with partner agencies to conduct a full assessment, a State Department official said in an emailed statement.
The agency didn’t suggest who might be responsible for the breach, but noted that steps have been taken to secure systems and that the affected employees will be given three years of free credit monitoring, ZDNet reported.