TZUTC: -0500
MSGID: 1687.consprcy@1:2320/105 2d7499d8
PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
BBSID: CAPCITY2
CHRS: ASCII 1
FORMAT: flowed
US Congressional Budget Office hit by suspected cyberattack - here's what we
know

Date:
Fri, 07 Nov 2025 14:03:00 +0000

Description:
Foreign adversaries may have accessed a congressional network.

FULL STORY

The US Congressional Budget Office has confirmed it was targeted in a
cybersecurity incident it suspects can be attributed to a foreign hacker. 

The non-partisan accounting service holds financial records and assessments
for the legislative branch, and holds sensitive government information. 

The Congressional Budget Office has identified the security incident, has
taken immediate action to contain it, and has implemented additional
monitoring and new security controls to further protect the agencys systems
going forward, CBO spokesperson Caitlin Emma said in a statement.

A continuous threat

Its very possible that sensitive data was compromised in the attack - and
specific concerns have arisen around emails exchanged between analysts and
congressional offices. Its likely a breach could expose economic forecasts,
draft reports, personal contact details, and policy plans. 

Incidents like these are sadly all too common, and critical infrastructure
suffers almost continual attacks, both from private hackers and state-backed
attackers - with the intention of exfiltrating data, espionage, disruption, 
or occasionally for profit. 

"The incident is being investigated and work for the Congress continues. Like
other government agencies and private sector entities, CBO occasionally faces
threats to its network and continually monitors to address those threats," 
the statement continues. 

This isnt the first time a congressional department has been targeted. In 
late 2024, the US Congressional staff were exposed in a Library of Congress
email hack which compromised almost a years worth of correspondence between
legislative staff and researchers in what was labelled as a foreign adversary
incident. 

Although these may seem like small-scale attacks that dont result in dramatic
takeovers of government institutions or shut downs, the incidents could give
foreign adversaries valuable information into upcoming policies, economic
expectations, or even network access. Access to internal communications could
lead to sophisticated social engineering attacks aimed at employees, leading
to even more serious incidents. 

Via NextGov

======================================================================
Link to news story:
https://www.techradar.com/pro/security/us-congressional-budget-office-hit-by-s
uspected-cyberattack-heres-what-we-know

$$
--- SBBSecho 3.28-Linux
 * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700
SEEN-BY: 226/30 227/114 229/110 206 300 307 317 400 426 428 470 664
SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45
SEEN-BY: 460/58 633/280 712/848 902/26 2320/0 105 304 3634/12 5075/35
PATH: 2320/105 229/426