The National Labor Relations Board (NLRB) has taken the U.S. Postal Service to task over its delay in informing its employees of a cyber breach in the late summer or early fall of 2014.
Post office and FBI cyber-security investigators have pointed the finger at China as the breach’s source. Hackers stole sensitive personnel information, including names, dates of birth, Social Security numbers and addresses for about 800,000 post office staff, including then-Postmaster General Patrick Donahoe.
The American Postal Workers Union, the National Letter Carriers Association and the National Rural Letter Carriers Association filed grievances with the NLRB claiming that the Postal Service delayed informing employees of the breach.
USPS first discovered a possible breach on Sept. 11, 2014, but did not confirm the theft until Nov. 4. Officials informed employees of the breach on Nov. 10. USPS officials claim the FBI advised them to delay any announcement to discourage even more ambitious attacks.
The unions seek to compel the post office to negotiate protocols for informing employees of data breaches. The USPS has not yet answered the complaint, but did note that it took steps to protect employees in the breach’s wake.
- How to Fire an Employee the Legal Way: 6 Termination Guidelines
- Stick to FMLA certification rules, or lose your rights
- What rights do employers have under Texas's Open Carry Law? Can we ban guns at work?
- Your 2016 annual report: Link every HR initiative to financial impact
- OK to forgo lawyer in most unemployment cases