US Coast Guard paychecks delayed by cyberattack

News
By
published

Over 1,000 personnel have been affected

US coast guard boat
(Image credit: Shutterstock / ThePhotoFab)
  • A data breach has apparently hit the US Coast Guard
  • The paychecks of over a thousand employees have been affected
  • The Coast Guard is investigating the incident

A data breach has affected the personnel and payroll systems of the US Coast Guard, and has impacted member pay, and forced the agency to to take systems offline to prevent further intrusion until “at least February 19th, 2025”.

The Coast Guard told Cybernews researchers it is, “investigating the breach of data within its personnel and payroll system, which has impacted the timeliness of bi-weekly pay to 1,135 members.”

The sensitive financial information of service members was reportedly exposed in the hack, meaning they could be at risk of fraud or identity theft - so it could be dangerous for anyone exposed, here’s what we know so far.

Compromised accounts

The data breach was discovered by a junior petty officer, who alerted the agency to irregular activity on their account, and the source of the breach is yet unknown.

The full scope of the breach also hasn’t been determined yet, and the Coast Guard have confirmed it will “ensure it is resolved as soon as possible”.

“Concurrently, the Coast Guard Personnel Service Center and Pay and Personnel Center are expediting pay to any impacted Coast Guard members,” the agency said, calling “the men and women of the USCG workforce our most valuable resource.”

The service’s Pay and Personnel Center, has pulled its Direct Access military pay and benefits system offline while it investigates the issue, but the spokesperson confirmed that members will be paid “as soon as possible”.

The Coast Guard spokesperson reiterated to Cybernews its members “deserve transparency into the causes and resolution of this incident” and that through the “ongoing response and investigation,” the USCG will “continue to provide timely updates to the workforce.”

In April 2024, the Coast Guard Reserve suffered a data breach which exposed the private information of thousands of individuals, including home addresses, employee identification numbers, and names.

With increased cybercriminal activity from rogue nation states across the world, it's unsurprising that critical infrastructure and government agencies are being targeted. In fact, US military and defense contractors have been increasingly attacked by Infostealer malware, with the US Army, Navy, Lockheed Martin, Boeing, and others all affected.

Employees at risk

Since Personally Identifiable Information was leaked as part of this breach, there is a risk for those affected. Financial information puts personnel at risk of fraud, such as false credit card claims, so employees should be sure to monitor their accounts very carefully.

With any data breach, a serious danger is the risk of identity theft for families and employees, which these plans can help with. Staying on top of your accounts and your details is the basis of it, but the plans often offer insurance, dark web monitoring, and antivirus software to keep you protected all in one place.

Besides that, social engineering attacks like phishing are a risk, because attackers can use the personal information gained from the breach to construct a specific email (usually) that references family members, websites you use, the company you work for, or another convincing scam.

These will often prompt the victim into action, like clicking a link, entering credentials, or scanning a QR code. Our advice is to never click links or scan codes you don’t 100% trust, and be very, very wary of communications you aren’t expecting.

Banks are unlikely to email or call you out of the blue, and so are the social media companies or communication platforms you use - and they won’t ask for your information either. If you receive an email from one of these you’re not sure about, look up the official email address and compare them, or call the company up to verify.

Make sure you create a strong and secure password and a unique one for all platforms which hold medical or financial information (like banks and messaging apps) - this quarantines any accounts that do suffer a data breach.

Also important, is to enable multi-factor authentication or MFA. Although this can be a bit of a hassle, it's an extra layer of security and gives you a peace of mind knowing that criminals would face an extra barrier to steal your details.

You might also like

Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

More about security
A white padlock on a dark digital background.

A new and dangerous keylogger is on the loose - here's how to stay safe
A concept image of someone typing on a computer. A red flashing danger sign is above the keyboard and nymbers and symbols also in glowing red surround it.

These fake macOS updates are actually just looking to spread malware
Bose Smart soundbar on TV stand with TV showing The Batman

I'm amazed by the Bose Smart Soundbar’s features for the money, and am also impressed with its Dolby Atmos sound
See more latest