The U.S. Congressional Budget Office (CBO) has confirmed that it fell victim to a cyberattack, prompting swift action to contain the breach and strengthen its digital defenses. “The agency is investigating the breach and has identified the security incident, has taken immediate action to contain it, and has implemented additional monitoring and new security controls to further protect the agency’s systems going forward,” said Caitlin Emma, spokesperson for the CBO, in a statement to TechCrunch.
The CBO, a nonpartisan federal agency, plays a crucial role in providing lawmakers with economic forecasts and cost analyses that guide the federal budgeting process and legislative decisions. The incident has raised serious concerns within congressional circles, given the sensitive nature of the data handled by the agency.
According to a report by The Washington Post, which first revealed the breach, foreign hackers are believed to be behind the intrusion. The report noted that officials fear the attackers may have gained access to internal emails, chat logs, and communications between CBO analysts and congressional offices. Such exposure could potentially enable phishing attacks or manipulation of legislative correspondence.
In a related update, Reuters reported that the Senate Sergeant at Arms, the Senate’s law enforcement arm, alerted congressional offices about the breach, warning that communications with the CBO might have been compromised.
While investigators have not yet confirmed how the hackers infiltrated the CBO’s systems, cybersecurity researcher Kevin Beaumont suggested that the attackers may have exploited an outdated Cisco ASA firewall still in use by the agency. Beaumont previously observed that the firewall had not been patched since 2024 and was vulnerable to recently discovered security flaws that Chinese state-backed hackers were reportedly exploiting. “At the time of his posting, the CBO’s firewall was allegedly vulnerable to a series of newly discovered security bugs,” he said, adding that the device remained unpatched when the federal government shutdown began on October 1.
Beaumont later confirmed that the firewall has since been taken offline. The CBO declined to comment on Beaumont’s claims, while Cisco has yet to issue an official response.
The breach underscores growing cybersecurity risks faced by U.S. government institutions, particularly those managing confidential communications and data critical to national policymaking.
 has confirmed that it fell victim to a cyberattack, prompting swift action to contain the breach..){kind=link}