The U.S. Congressional Budget Office (CBO) has confirmed it was the target of a cybersecurity breach, believed to have been carried out by a suspected foreign hacker, raising concerns that sensitive government data and communications between congressional offices and CBO analysts may have been compromised.
CBO spokeswoman Caitlin Emma confirmed in a statement that the agency has โidentified the security incident, has taken immediate action to contain it, and has implemented additional monitoring and new security controls to further protect the agency’s systems going forward.โ
She added, “The incident is being investigated and work for the Congress continues. Like other government agencies and private sector entities, CBO occasionally faces threats to its network and continually monitors to address those threats.”
Officials Warn Lawmakers To Be Cautious
The Washington Post first reported the breach, citing unnamed officials who said the intrusion was discovered only days ago. Lawmakers have been warned that emails and internal exchanges between congressional offices and CBO analysts may have been accessed, prompting some offices to temporarily suspend email exchanges with the CBO due to security concerns.
According to internal warnings, hackers may have gained access to emails, internal chat logs, and exchanges between CBO analysts and lawmakers, possibly revealing confidential discussions on pending legislation and economic projections.
CBOโs Crucial Role In Lawmaking
The CBO, a small but powerful nonpartisan agency with around 275 employees, provides independent analysis to lawmakers on economic policy and the federal budget for nearly every bill considered by Congress.
Every bill taken up by Congress receives a โCBO scoreโ that estimates how it would affect the national debt and spending. A breach could expose draft reports, economic models, or sensitive discussions between analysts and lawmakers.
China Reportedly Linked To Intrusion
While the CBO has not confirmed who was responsible, U.S. officials told CNN that Chinese state-backed hackers are suspected. The Chinese Embassy in Washington, D.C., denied any role, saying Beijing consistently opposes and strictly combats all forms of cyberattacks.โ
This breach follows a string of high-profile cyber intrusions involving U.S. government agencies over the past year. In late 2024, hackers linked to the Chinese group Silk Typhoon infiltrated the U.S. Treasury Department and the Committee on Foreign Investment in the United States (CFIUS).
Part Of A Broader Cyber Threat Landscape
Cybersecurity experts say the CBO breach underscores the persistent vulnerability of federal institutions that manage sensitive economic and policy data.
โAs with other agencies, CBO occasionally faces threats to its network and continually monitors to address those threats,โ Emma noted.
For now, the full scope and impact of the intrusion remain under investigation, but the attack serves as another reminder of the escalating cyber battle between nations โ and how even small federal offices can become targets in this growing digital battleground.
