Some employees of the United States Postal Service (USPS) in eastern North Carolina and Jacksonville have not received their paychecks due to a cyber attack. The Postal Service is investigating the incident, but employees are unhappy with the outcome so far.
The incident was caused by employee interaction with fake websites, according to a statement from the Postal Service’s Inspection Service and Corporate Information Security Office. The affected system was PostalEASE, which allows USPS workers to set up benefits and direct deposits, and which had employees’ fingerprints, social security numbers and other personal information.
Employees received letters informing them of the cyber attack and stating that the fake websites had similar web addresses to PostalEASE. Larisa Covington, an employee based in Jacksonville, discovered $2,000 had been stolen from her account, and was informed by her supervisor and postmaster that around 1,000 others had been affected.
Covington reported the incident to the North Carolina Department of Labor and Congressman Greg Murphy’s office.
Murphy said his office was working with USPS and encouraged any constituents with similar issues to contact his office.
USPS has taken precautionary measures to prevent further unauthorized activity, and is purchasing a 1-year credit monitoring service for affected employees.
The cyber attack is another example of the vulnerability of government agencies and public services to cyber attacks.
Cybersecurity is an ongoing threat, as Congressman Murphy stated. The incident highlights the need for employee education on cybersecurity and the importance of implementing multi-factor authentication and other security measures to protect against such attacks.
The incident also raises concerns over the security of personal information, particularly as it relates to government agencies and public services.
It is crucial that such agencies take the necessary steps to safeguard sensitive personal information and to provide affected individuals with timely and effective assistance in the event of a cyber attack.
