U.S. Postal Service employee and customer data may have been compromised in a computer hack that lasted at least seven-and-a-half months, the agency said.
The attack affected identifying information for 800,000 employees, according to a congressional official briefed on the incident. That included names, dates of birth and Social Security numbers.
Names, addresses, telephone numbers, and e-mail accounts of customers who called or e-mailed the Postal Service Customer Care Center between Jan. 1 and Aug. 16 also were vulnerable, the agency said in a statement today. There's no evidence any credit- or debit-card information was compromised, the it said.
"We began communicating this morning with our employees about this incident, apologized to them for it, and have let them know that we will be providing them with credit monitoring services for one year," David Partenheimer, a Postal Service spokesman, said in the statement. "At this time, we do not believe that potentially affected customers need to take any action."
The incident may renew calls for new cybersecurity legislation, which has been stalled in Congress. The Postal Service said it's cooperating with an FBI investigation into what it calls a "cyber security intrusion."
"The intrusion is limited in scope and all operations of the Postal Service are functioning normally," Partenheimer said.