Thousands of U.S. Environmental Protection Agency (EPA) employees had their personal information exposed through a database breach.
How many victims? 7,800, comprised of 5,100 current employees and 2,700 others.
What type of personal information? Social Security numbers, bank routing numbers and home addresses.
What happened? The hackers were able to compromise a server that stores data related to the Superfund program. They obtained access by tricking an employee to click on an email that contained a malicious attachment.
What was the response? The EPA is choosing to remain coy about the breach, which happened in March, but only was just reported to victims, due to the sensitivity of the information involved. Officials said they took so long to notify affected individuals because they were trying to identify who they were.
Details: The affected server may have been managed by third-party contractors.
Source: Washington Business Journal, "EPA breach involved program widely supported by contractors," Aug. 3, 2012.