The National Labor Relations Board (NLRB) has taken the U.S. Postal Service to task over its delay in informing its employees of a cyber breach in the late summer or early fall of 2014.
Post office and FBI cyber-security investigators have pointed the finger at China as the breach’s source. Hackers stole sensitive personnel information, including names, dates of birth, Social Security numbers and addresses for about 800,000 post office staff, including then-Postmaster General Patrick Donahoe.
The American Postal Workers Union, the National Letter Carriers Association and the National Rural Letter Carriers Association filed grievances with the NLRB claiming that the Postal Service delayed informing employees of the breach.
USPS first discovered a possible breach on Sept. 11, 2014, but did not confirm the theft until Nov. 4. Officials informed employees of the breach on Nov. 10. USPS officials claim the FBI advised them to delay any announcement to discourage even more ambitious attacks.
The unions seek to compel the post office to negotiate protocols for informing employees of data breaches. The USPS has not yet answered the complaint, but did note that it took steps to protect employees in the breach’s wake.