Foreign hackers may have accessed CBO systems in recent 'security incident'

The Congressional Budget Office, Capitol Hill’s nonpartisan accounting service that delivers financial assessments for legislation, was accessed in a hack potentially tied to a foreign hacker group.

“The Congressional Budget Office has identified the security incident, has taken immediate action to contain it, and has implemented additional monitoring and new security controls to further protect the agency’s systems going forward,” CBO spokesperson Caitlin Emma said in a statement. 

“The incident is being investigated and work for the Congress continues. Like other government agencies and private sector entities, CBO occasionally faces threats to its network and continually monitors to address those threats,” the statement added.

A Senate Budget Committee staffer acknowledged the hack to Nextgov/FCW and said the panel remains in contact with CBO leadership and is closely monitoring the situation.

The statements did not dispute Thursday reporting by The Washington Post indicating that the hack might be tied to a foreign adversary. CBO data is a valuable target for nation-state hackers because it may contain detailed economic projections, budget analyses and policy impact assessments that can reveal U.S. government priorities and other legislative plans that adversaries can exploit for strategic, political or financial advantage.

Given the nature of the office’s work, the hack could have exposed internal deliberations between lawmaker staffers and researchers. Last year, a foreign adversary accessed the contents of email communications between congressional legislative staffers and staff in the Library of Congress’s Congressional Research Service. 

In a statement to Nextgov/FCW, House Homeland Security Committee Chairman Andrew Garbarino, R-N.Y., said he was closely monitoring the situation and that his panel “will be in contact with [the Cybersecurity and Infrastructure Security Agency] and CBO regarding ongoing mitigation efforts to ensure government networks are secure.”

“Cybercriminals and adversaries are increasingly targeting government entities at every level, and it is particularly alarming as the federal government remains shut down,” he added. “A whole-of-government effort is vital to effectively combat widespread cyber threats from sophisticated actors.”

In a statement to Nextgov/FCW, CISA Director of Public Affairs Marci McCarthy said the agency “collaborates with all federal agencies and many government offices to enhance cybersecurity, ensuring the protection of the homeland and the well-being of all Americans."

Editor's note: This article has been updated to include comment from Rep. Andrew Garbarino, R-N.Y., and comment from CISA.