Data breach affects 6,000 GAO employees

The breached data includes employees’ personally identifiable information.

 Computer Hardware, Electronics, Hardware, Monitor, Screen, Adult, Female, Person, Woman, Computer, Computer Keyboard, Mouse, Face, Head

The US Government Accountability Office (GAO) revealed that CGI Federal, an IT contractor and subsidiary of CGI Inc, reported a data breach last month affecting around 6,000 current and former GAO employees.

The breached data includes personally identifiable information such as names, social security numbers, addresses, and some banking details of employees who worked at GAO from 2007 to 2017.

The breach was attributed to a ‘threat actor exploiting a vulnerability in an externally provided platform,” as stated in a notification letter. The GAO, a congressional research arm, was informed about the breach on 17 January.

CGI, which has shifted its focus to cybersecurity, holds various contracts with the federal government, providing IT protection for numerous agencies. The company has yet to comment on the incident.

The US cybersecurity agency and the FBI have not provided immediate responses to inquiries about CGI.