Cyber Incident Victim: United States Postal Service

In early February 2023, a cyber breach impacted United States Postal Service (USPS) operations in eastern North Carolina and the Jacksonville area, disrupting payroll systems and causing financial harm to employees. The incident manifested when affected workers discovered missing direct deposit paychecks, with unauthorized alterations to their banking information. Larisa Covington, a Jacksonville-based USPS employee, experienced this firsthand when her expected February paycheck failed to arrive and her direct deposit details were changed to an unfamiliar bank account without her knowledge or consent. The breach specifically targeted payroll processing systems, though the exact method of compromise remained unspecified in initial reports. Employees reported the discrepancies to management, prompting USPS to initiate an internal investigation into the cybersecurity incident. The disruption caused immediate financial strain for workers relying on timely wage disbursements, though the total number of affected employees and the precise duration of payment delays were not publicly disclosed.

The Postal Service’s investigation remained ongoing as of late March 2023, with no public confirmation of the attack’s origin, scope, or remediation measures. While USPS acknowledged the breach’s impact on payroll operations, it did not release details about whether customer data, mail delivery systems, or other regional facilities were compromised. Affected employees expressed dissatisfaction with the resolution process, citing unresolved paycheck issues more than a month after the incident’s initial detection. The breach highlighted vulnerabilities in employee financial data handling but yielded no information about whether ransomware, external threat actors, or insider involvement contributed to the incident. Financial institutions worked with victims like Covington to secure accounts, but systemic corrections to USPS payroll protocols were not detailed in available reports.