The United States Postal Service (USPS) announced in November 2014 that it was investigating a potential cyber intrusion into some of its information systems and that more than 800,000 staffers were possibly affected – now the investigation has revealed that nearly half a million current and former employees may have had injury claim data compromised.
In a Monday email correspondence, David Partenheimer, manager of media relations with the USPS, told SCMagazine.com that Jeffrey Williamson, chief human resources officer with the USPS, sent customized notification letters to approximately 485,000 staffers.
“As first reported by the Postal Service on Nov. 10, 2014, the intrusion included a possible compromise of injury claim data,” Partenheimer said. “The investigation has provided the Postal Service with additional information about the file containing this data that is shared with the Department of Labor.”
The file – which contains data associated with current and former employee injury compensation claims – was created in August 2012 and includes information that dates from November 1980 to Aug. 30, 2012, Partenheimer said.
The information varies depending on the individual, but possibly consists of names, addresses, dates of birth, Social Security numbers, medical information, and other information, according to Partenheimer.
“We are unaware of any evidence that any of the compromised employee information has been used to engage in any malicious activity, such as identity theft crimes,” Partenheimer said, explaining free credit monitoring services will be offered to anyone who did not previously receive an offer.
In November, the USPS announced a possible cyber security intrusion into some of its information systems, and that Social Security numbers may have been among the data that was compromised for more than 800,000 employees, including those that work for USPS' regulator, the Postal Regulatory Commission, as well as for the Postal Inspection Service and the Postal Service Office of Inspector General (OIG).
Customers who made telephone or email inquiries to the Postal Service Customer Care Center between Jan. 1 and Aug. 16 may have also had information compromised, including names, addresses, telephone numbers, email addresses and other information.
The investigation is ongoing, Partenheimer said.