USPS Hack : Healthcare Information of 485,000 Employees Leaked

485,000 Employees Healthcare Information Compromised In United States Postal Service (USPS) Data Breach

United States Postal Service (USPS) has revealed that the data breach which took place in November may have compromised the health information of 485,000 USPS employees. The hackers who hacked USPS may have accessed the data stored in “a file relating to injury compensation claims.” USPS Chief Human Resources Officer Jeffrey Williamson has said.

USPS was hacked in mid-September and it had reported the same in November 2014.  The hack attack was said to have compromised personal data of more than 800,000 employees including their names, dates of birth, Social Security numbers, addresses, beginning and end dates of employment, emergency contact information and other information.

The investigations which took place after the intrusion was noticed have revealed that health care information of 485K employees stored in the file along with employees’ Social Security Numbers and other personal information, was compromised back in September after hackers managed to exploit a USPS server’s weak default password.

Stealing of healthcare related information is supposed to be more lucrative for the cyber criminals and that is the reason the hackers may have targeted this particular file.  EMC Corporation report states that the underground forums price for a stolen credit card is one dollar in the black market where as health insurance credentials price can go as high $20 per person.

Another factor is that the use of health insurance details by unwanted actors can go unnoticed as there are no check in place to monitor the same, like,  for example the credit monitoring facilities available for credit cards.

Stealing healthcare credentials has become sort of a norm now a days because of the lucrative returns to the cyber criminals.

USPS has stated that it will change the way it saves important employee information as well as upgrade its systems and equipment to deter future attacks and also to better protect employees’ personal and healthcare information.

Resource : NextGov

LEAVE A REPLY

Please enter your comment!
Please enter your name here