News

U.S. CBO Faces Cyberattack: Suspected Foreign Breach Targets Sensitive Data

12277
10
Nov

The U.S. Congressional Budget Office (CBO) has confirmed a significant cybersecurity incident, following a suspected breach by foreign actors into its network. This intrusion potentially exposed sensitive data, prompting immediate action from the nonpartisan agency.

In a statement provided to various news outlets, CBO spokesperson Caitlin Emma acknowledged the “security incident” and affirmed the agency’s swift response to contain it. “The Congressional Budget Office has identified the security incident, has taken immediate action to contain it, and has implemented additional monitoring and new security controls to further protect the agency’s systems going forward,” Emma stated. She added, “The incident is being investigated and work for the Congress continues. Like other government agencies and private sector entities, CBO occasionally faces threats to its network and continually monitors to address those threats.”

Reports indicate that officials discovered the hack recently, raising concerns that confidential emails and communications between congressional offices and CBO analysts may have been compromised. While lawmakers have been assured that the intrusion was detected early, some congressional offices have reportedly paused email exchanges with the CBO as a precautionary measure.

The CBO plays a crucial role in the legislative process, providing Congress with independent economic analyses and cost estimates for proposed legislation. A breach of its systems could therefore expose highly confidential information, including draft reports, sensitive economic forecasts, and internal communications vital to policymaking.

Growing Trend of Government Cyberattacks

This attack on the CBO is not an isolated incident but rather the latest in a series of sophisticated cyber incidents targeting U.S. government agencies over the past year. These breaches underscore an escalating threat landscape for federal entities.

Notable past incidents include:

  • In December 2024, the U.S. Treasury Department confirmed a breach facilitated through the third-party remote support platform, BeyondTrust.
  • The Committee on Foreign Investment in the United States (CFIUS), responsible for reviewing foreign investments for national security risks, was also compromised by the same attackers.

These earlier attacks were attributed to “Silk Typhoon,” a Chinese state-sponsored Advanced Persistent Threat (APT) group. Silk Typhoon gained notoriety in early 2021 for exploiting ProxyLogon zero-day flaws impacting Microsoft Exchange Server, reportedly compromising tens of thousands of servers before security patches became available.

The ongoing investigation into the CBO breach will aim to identify the perpetrators and assess the full extent of the data exposure, as the government continues to grapple with persistent and evolving cyber threats.

Ngoc Vy

Ngoc Vy is a tech journalist specializing in artificial intelligence, emerging technologies, and their societal impact. She combines technical rigor with on-the-ground coverage of Vietnam’s startup ecosystem, from AI ethics debates to gov-tech adoption. Ngoc Vy is also passionate about bridging the gender gap in STEM journalism.