"Staff employed by the contractor, who had privileged access to EEOC systems, were able to handle data in an unauthorized (UA) and prohibited manner in early 2025,"
"Upon discovery, the EEOC took immediate steps to secure its systems and initiated an assessment to determine the nature and scope of the incident."
"The review determined that certain personally identifiable information (PII) may have been exposed. Depending on the individual, this information may have included name and other identifying or contact information. The review is ongoing, and the EEOC is working with law enforcement."
"took immediate action when we learned of this activity, and we continue to support investigative and law enforcement efforts into these individuals' conduct which is under active prosecution in the Federal Court of the Eastern District of Virginia."
The Equal Employment Opportunity Commission experienced an internal data security incident involving unauthorized handling of information by contractor employees in early 2025. The breach affected the EEOC Public Portal system and was discovered around Dec. 18. Contractor staff with privileged access mishandled agency data in an unauthorized and prohibited manner, potentially exposing personally identifiable information of employees. Exposed information may have included names and other identifying or contact details depending on the individual. The EEOC secured systems, initiated an assessment, required staff to reset passwords, encouraged monitoring of financial accounts, and is working with law enforcement while the review continues. The contractor Opexus confirmed involvement and support for investigative and prosecutorial efforts.
Read at Nextgov.com
Unable to calculate read time
Collection
[
|
...
]