Data breach affects 6,000 GAO employees
The breached data includes employees’ personally identifiable information.
The US Government Accountability Office (GAO) revealed that CGI Federal, an IT contractor and subsidiary of CGI Inc, reported a data breach last month affecting around 6,000 current and former GAO employees.
The breached data includes personally identifiable information such as names, social security numbers, addresses, and some banking details of employees who worked at GAO from 2007 to 2017.
The breach was attributed to a ‘threat actor exploiting a vulnerability in an externally provided platform,” as stated in a notification letter. The GAO, a congressional research arm, was informed about the breach on 17 January.
CGI, which has shifted its focus to cybersecurity, holds various contracts with the federal government, providing IT protection for numerous agencies. The company has yet to comment on the incident.
The US cybersecurity agency and the FBI have not provided immediate responses to inquiries about CGI.
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.