Chinese Government Suspected of Backing Hackers in Post Office Breach

An unidentified hacker group accessed personal info on more than 80,000 USPS employees.

A hacker group accused of being backed by the Chinese government is suspected of accessing data on more than 800,000 United States Postal Service (USPS) employees.

The agency released a statement this week acknowledging that an intrusion into its networks had occurred and that it is working with the FBI in an ongoing investigation. According to the USPS, the breach was limited to its employee database, and customer data (including payment information) was never accessed.

"Information potentially compromised in the incident may include personally identifiable information about employees, including names, dates of birth, Social Security numbers, addresses, beginning and end dates of employment, emergency contact information and other information," wrote USPS's David Partenheimer in a released statement.  

While the USPS did not give any insight into the motive or the identity of the attackers, The Washington Post on Monday reported that a hacker group working for the Chinese government is suspected. Citing an anonymous source close to the investigation, the publication said that the incident, which occurred sometime in September, was pulled off by "a sophisticated actor that appears not to be interested in identity theft or credit card fraud."

According to James A. Lewis, a cyber-policy expert at the Center for Strategic and International Studies, the attackers will probably not take further action with the info beyond collecting and filing the government employee data. "They're just looking for big pots of data on government employees," Lewis said to The Post. "For the Chinese, this is probably a way of building their inventory on U.S. persons for counterintelligence and recruitment purpose."

It's unclear which of the high-profile hacker groups accused of working hand in hand with the Chinese government was involved with this specific attack. Last week security firm Novetta Solutions released a report (PDF) detailing a relatively new group called Axiom. The cyber crime ring, which has ties to the Chinese government, is believed to be responsible for targeting 43,000 systems of government and law enforcement personnel from across the globe.

While no connection has yet been made between the breach and the group, the hack would line up with what Novetta Solutions says is one of the primary functions of Axiom. "Information held by these organizations includes details on individuals with access to confidential or classified information, which would be extremely useful for intelligence and counterintelligence operations," read the report. "Additionally, it should be noted that this sort of information could also be used to enable or extend technical and human operations against target organizations and individuals."


About the Author

Chris Paoli is the site producer for and

