The Congressional Budget Office in the United States has acknowledged experiencing a cyberattack.
Caitlin Emma, who serves as the CBO’s spokesperson, informed TechCrunch on Friday that the organization is actively looking into the incident. She stated that the breach has been identified, immediate measures have been taken to contain it, and the agency has introduced enhanced monitoring and new security protocols to better safeguard its systems in the future.
The CBO operates as a nonpartisan body, offering lawmakers economic evaluations and budgetary projections throughout the federal budgeting process, including after legislative proposals clear committee stages in both the House and Senate.
The Washington Post, which was the first to report on the incident Thursday, indicated that the attack was carried out by unidentified foreign hackers. The Post also noted that CBO officials are concerned the attackers may have accessed internal communications, including emails, chat records, and correspondence between congressional offices and CBO analysts.
According to Reuters, the Senate Sergeant at Arms, who oversees law enforcement for the Senate, alerted congressional offices about the breach. The warning stated that emails exchanged between the CBO and congressional offices might have been compromised and potentially used to launch phishing schemes.
It remains uncertain how the attackers infiltrated the CBO’s systems. However, shortly after the breach was made public, cybersecurity expert Kevin Beaumont suggested on Bluesky that the hackers could have exploited vulnerabilities in the CBO’s outdated Cisco firewall to gain entry.
Beaumont previously observed that the CBO’s network included a Cisco ASA firewall that had last received updates in 2024. At the time of his remarks, this firewall was reportedly susceptible to several recently discovered security flaws, which were being targeted by hackers believed to be associated with the Chinese government.
Beaumont also mentioned that the CBO’s firewall had not been updated before the federal government shutdown began on October 1.
On Thursday, Beaumont reported that the firewall had since been taken offline.
When questioned about Beaumont’s observations, the CBO’s spokesperson chose not to provide a statement. Cisco representatives also did not immediately reply to requests for comment.
