US agency says it was alerted to breach by contractor CGI Federal


A projection of cyber code on a hooded man is pictured in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration

(Reuters) - The U.S. Government Accountability Office said Monday that CGI Federal, an IT contractor and unit of CGI Inc, notified the agency of a data breach last month affecting about 6,000 current and former GAO employees.

The GAO, a research arm of Congress, said in a statement the data involved personally identifiable information on employees including some people who worked there from 2007 to 2017.

A breach notification letter seen by Reuters said that the data contained "names, social security numbers, addresses, and some banking information." The letter said the breach had been carried out by a "threat actor exploiting a vulnerability in an externally provided platform" but didn't delve into specifics.

GAO spokesperson Chuck Young said his agency was notified about the breach on Jan. 17 but referred questions about its impact to CGI. CGI Federal did not immediately return messages seeking comment.

CGI, which has pivoted toward cybersecurity in recent years, has a host of contracts with the federal government. In recent congressional testimony, a CGI official said that the company has provided IT protection for "100 participating agencies" through the U.S. cybersecurity agency tasked with protecting federal networks.

In the same testimony, GCI said it provided cybersecurity services the State, Justice, Commerce, and Labor departments as well as the Federal Communications Commission and the United States Agency for International Development.

The cybersecurity agency did not immediately respond to a request for comment about CGI. The FBI did not immediately return emails.

(Reporting by Raphael Satter. Additional reporting by Christopher Bing and Douglas Gillison in Washington; Editing by Cynthia Osterman and Lisa Shumaker)

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

   

Next In Tech News

Sirius XM found liable in New York lawsuit over subscription cancellations
US Supreme Court tosses case involving securities fraud suit against Facebook
Amazon doubles down on AI startup Anthropic with $4 billion investment
Factbox-Who are bankrupt Northvolt's creditors?
UK should use new powers to probe Apple-Google mobile browser duopoly, report says
EU regulators scrap probe into Apple's e-book rules after complaint was withdrawn
Hyundai recalls over 145,000 electrified US vehicles on loss of drive power
'World of Warcraft' still going strong as it celebrates 20 years
Northvolt CEO steps down, saying group needs up to $1.2 billion
Bitcoin at record highs, sets sights on $100,000

Others Also Read