Cyber Incident Victim: Occupational Safety and Health Administration
Date:
Aug 2017
Location:
United States of America
Summary
OSHA suspended access to its Injury Tracking Application following a security breach after the Department of Homeland Security alerted the Department of Labor to a potential compromise of user information. The incident affected one organization, which received direct notification about the exposure of injury and illness records submitted through the web portal established under the agency's electronic workplace safety reporting rule. The suspension halted submissions via the platform designed for employers to comply with federally mandated injury tracking requirements.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On August 17, 2017, the Occupational Safety and Health Administration (OSHA) suspended access to its newly launched Injury Tracking Application (ITA) following a security breach notification. The ITA, designed as a web portal for employers to submit injury and illness records (including OSHA Forms 300, 300A, and 301) under the Electronic Recordkeeping rule, had recently become operational. The suspension occurred after the Department of Homeland Security alerted the Department of Labor about a potential compromise of user information within the system. OSHA acted swiftly to disable the ITA platform upon receiving this warning, halting all electronic submissions through the portal. Initial investigations revealed that only one employer’s data was confirmed to be affected by the breach. The compromised entity received direct notification from OSHA regarding the incident, though specific details about the nature of the exposed information were not publicly disclosed. No evidence suggested broader unauthorized access beyond this single entity at the time of the suspension.
The incident disrupted OSHA’s implementation timeline for mandatory electronic recordkeeping submissions, which were part of its workplace safety compliance enforcement strategy. While the ITA suspension prevented all employers from submitting required injury and illness data electronically, OSHA emphasized that the breach impact appeared isolated. The agency did not disclose technical details about the vulnerability exploited, methods of detection, or whether malicious actors were definitively involved. Response efforts focused on securing the system before reactivation, though no timeline for restoration was provided in the immediate aftermath. The event highlighted operational risks associated with federal agencies’ rollout of new digital compliance tools while underscoring OSHA’s reliance on interagency collaboration with Homeland Security for threat detection. No additional compromised organizations or secondary consequences were reported following the initial disclosure.