The U.S. Postal Service said today it has been the victim of “a cyber-security intrusion” that exposed the personal information of some 800,000 employees.
The FBI is investigating the source of the attack, but a source briefed on the incident told ABC News it appears to have originated in China and has been going on for the last two months.
The USPS said on its website that the intrusion “is limited in scope and all operations of the Postal Service are functioning normally.”
Employee information, like names, addresses and Social Security numbers, may have been compromised, the USPS said.
The agency said there is “no evidence” any customer credit card information was exposed, but the attack also compromised some call center data and may have swept up names, addresses telephone numbers and email addresses of people who provided that information between January and August this year.
The source told ABC News the attack is suspected to be the work of state actors in China, but said today’s disclosure by the USPS was unrelated to President Obama’s current visit there.
“It’s an unfortunate fact of life these days that every organization connected to the Internet is a constant target for cyber intrusion activity. The United States Postal Service is no different. Fortunately, we have seen no evidence of malicious use of the compromised data and we are taking steps to help our employees protect against any potential misuse of their data,” Postmaster General Patrick Donahoe said. “As a result of this incident we have significantly strengthened our systems against future attacks. We take such threats seriously and regularly take action to protect our networks, our customers’ data and our employees’ information.”