January 12, 2023 - We received the following update regarding the LiteBlue/PostalEase security issues:
The USPS Corporate Information Security Office (CISO) and the Eagan Accounting Service Center’s LiteBlue recovery process ensures the monies recovered from financial institutions will be promptly repaid to the employees impacted by the fake websites.
As of yesterday, CISO has received confirmation there were 368 instances in pay period 26 where employees accessed fake LiteBlue websites and had their IDs and passwords hacked, with that number dropping to 195 in pay period 1. Please note some employees may be included in both groups.
The Eagan ASC has provided a rough estimate of $322,000 in recovered funds. Unfortunately, not all the stolen money will be recovered. It is the position of the Postal Service that they will not be reimbursing employees for any funds lost due to the criminal activity involving the fake LiteBlue websites.
We are told that following notice of the unauthorized activity, Eagan immediately sent out letters of indemnity to the financial institutions, and aggressively worked with them to recover the stolen monies. The OIG’s and Inspection Service’s criminal investigations continue.
Once the financial institutions return the recovered monies to the Eagan ASC via electronic funds transfers, the ASC will cut checks to the impacted employees. All recovery checks are being mailed to the impacted employees’ duty stations of record.
CISO and the postal vendor are working to implement the new LiteBlue security features, which include multi-factor authentication, with a projected go-live on January 15, 2023. The new LiteBlue access protocol will require the additional identification step to enhance system security.
We will continue to keep you updated as we receive more information.
The Corporate Information Security Office (CISO) has just confirmed that the tentative date for implementing the new “multi-factor” protocol, which will enable the restoration of access to LiteBlue, is Sunday, January 15, 2023. The multi-factor access will mirror the additional ID authentications required by banks, insurance companies, etc. when accessing and completing transactions on similar platforms.
Impacted employees continue to be contacted by representatives from the Eagan ASC, Inspection Service, OIG and/or CISO as part of the ongoing investigation. We will post additional details when known.