Cyber Incident Victim: U.S. Agency for Global Media
Date: Dec 2020
Location: United States of America
Summary
The U.S. Agency for Global Media experienced a data breach after a phishing attack compromised an employee email account, exposing personal information of current and former employees and their beneficiaries, including full names and Social Security numbers. The agency secured the affected account, accelerated multifactor authentication deployment for Office 365 and related services, and provided staff phishing education, though notifications to affected individuals were delayed by several months, potentially enabling further misuse of the stolen data.
Description
The U.S. Agency for Global Media (USAGM) experienced a data breach in December 2020 resulting from a successful phishing attack. Threat actors compromised an agency email account containing sensitive personal information of current and former employees affiliated with USAGM, Voice of America, and the Office of Cuba Broadcasting who worked between 2013 and 2020. Exposed data included full names and Social Security numbers belonging to employees as well as their beneficiaries and dependents. USAGM, a federal entity overseeing international broadcast networks like Radio Free Europe and Middle East Broadcasting Networks, discovered the intrusion but did not notify affected personnel until April 13, 2021—a four-month delay following the initial compromise. This timeframe created potential opportunities for malicious actors to exploit the stolen data through identity theft or secondary phishing campaigns targeting victims.

Upon identifying the breach, USAGM secured the compromised email account to prevent further unauthorized access. The agency initiated staff-wide phishing awareness training and expedited deployment of multifactor authentication (MFA) across critical systems including Office 365, SharePoint, and OneDrive. Affected individuals received offers for complimentary one-year subscriptions to Experian IdentityWorks credit monitoring services. The breach’s impact extended beyond direct employees to include family members listed as beneficiaries, necessitating broader vigilance against fraudulent activities leveraging the stolen identifiers. No operational disruptions to USAGM’s broadcasting networks were reported, though the incident exposed systemic vulnerabilities in employee email security practices prior to the MFA implementation.
