The US State Department suffered a data breach that exposed some employee data.
The email system breach impacted "less than 1 percent of employee inboxes," according to a Sept. 7 department alert obtained by Politico. The department's classified email system was not affected, according to the alert, which was marked "Sensitive But Unclassified."
"We have determined that certain employees' personally identifiable information (PII) may have been exposed," the alert says. "We have notified those employees."
The agency didn't suggest who might be responsible for the breach, but noted that steps have been taken to secure systems and that the affected employees will be given three years of free credit monitoring, our sister site ZDNet reported.
It's working with an interagency group and a private sector service provider to conduct a full assessment, a State Department official said in an emailed statement.
Last week, a bipartisan group of five senatorsto find out why the department isn't using basic cybersecurity protections.
First published Sept. 19 at 3:10 a.m. PT.
Updated at 5:55 a.m. PT: Adds State Department statement.