The US Department of Agriculture is investigating a “possible data breach” of a department contractor connected to a broader hack on multiple federal agencies that officials have blamed on Russian cybercriminals, a department spokesperson told CNN on Saturday night.
“USDA is aware of a possible data breach with a vendor that may impact a very small number of employees, and any employees whose data may have been affected will be contacted and provided support,” the spokesperson said in an emailed statement.
The spokesperson did not immediately respond to questions on how many USDA employees may be affected and what services the contractor provides. The Record from Recorded Future News, a publication of cybersecurity firm Recorded Future, first reported that USDA may be impacted by the hack.
The news brings the list of publicly known US agencies to be targeted or breached by the Russian-speaking hackers to three. The US Office of Personnel Management is impacted by the cyber incident, CNN first reported on Friday, as are two organizations in the US Department of Energy.
The USDA has nearly 100,000 employees who manage a wide portfolio of federal programs on nutrition, forestation and farming, according to its website.
Multiple US federal agencies were affected by the hack, which officials have said appears to be an opportunistic move to gain access to as many organizations as possible to extort them, CNN first reported on Thursday.
No federal agencies have reported receiving demands, but corporate victims have previously reported demands of millions of dollars.
The hackers last month began exploiting a vulnerability in widely use file-transfer software known as MOVEit, made by the Massachusetts-based firm Progress Software.
Hundreds of US companies and organizations may have the vulnerable software installed, US officials have said. Big corporations overseas like the BBC and British Airways have also had data exposed.
One person with direct knowledge of negotiations between the hacking gang, known as Clop, and its victims said the hackers had in one case asked for more than $100 million from one corporate victim — an audacious number that was a nonstarter.
US officials and Progress Software have issued security recommendations for responding to the vulnerabilities in the software