The Coast Guard is in the midst of investigating a data breach within its personnel and payroll system that delayed bi-weekly pay for 1,135 service members. The Coast Guard said it temporarily shut down its Direct Access (DA) system as it investigates the breach.
News articles won’t speculate, but supposedly enlisted users on certain online forums have said that hackers entered the DA system and changed the direct deposit data of the affected users.
Coast Guard members take to social media
The data breach was apparently disclosed in an email sent to all USCG servicemembers that was not supposed to be shared with the public – but some servicemembers took to social media anyway to complain about not receiving their direct deposit paychecks as expected on Thursday and Friday.
“People are getting emails about DA being compromised, apparently only some accounts were affected so not everyone will have pay issues,” one Coastie posted in a thread on Reddit.
Other Reddit users claimed the breach only affected servicemembers with bank accounts at the military-friendly banking institution USAA. Some attributed this to USAA accounts being “identified first because they typically process pay earlier than most banks.”
“Data breach on bank routing numbers. Payments had to be reprocessed for those affected. Mutual Assistance had been notified and is standing by,” another Reddit user said in the thread.
DA stands for the Direct Access self-serve personnel software program used by Coast Guard members to manage personnel administrative records, pay information, and servicemembers’ orders.
The DA system was designed to meet compliance regulations regarding the processing of servicemembers’ Personally Identifiable Information (PII).
The Coast Guard spokesperson reiterated that its members “deserve transparency into the causes and resolution of this incident” and that through the “ongoing response and investigation,” the USCG will “continue to provide timely updates to the workforce.”
Additionally, they said the Coast Guard would provide “clarity regarding the Service’s efforts to address any vulnerabilities in our data system.”
Cybersecurity report reveals Coast Guard severely vulnerable to attacks
Ironically, the breach comes the same week the US Government Accountability Office (GAO) published a report urging the military branch to prioritize its cybersecurity stance after finding significant and increasing cybersecurity risks to the US Maritime Transportation System (MTS), including by nation-state threat actors from China, Iran, North Korea, Russia, and other transnational criminal organizations.
The GAO report further mentions severe risks to MTS facilities, including ports, terminals, waterways, and both US and foreign-flagged vessels that increasingly rely on technology vulnerable to cyberattacks. It warns that future attacks could severely impact US port operations.
The US Coast Guard, one of the six branches of the US Military, is responsible for maritime law enforcement, search and rescue operations, maritime safety, environmental protection, and homeland security.
It is the only military branch in the US Department of Homeland Security and has roughly 43,000 active duty personnel, 7,000 reservists, and about 8,500 full-time civilian employees.
In April 2024, the Coast Guard Reserve also suffered a network breach impacting close to 11,000 personnel.
In that breach, the home addresses of over 7,500 servicemembers, as well as the names and employee identification numbers of over 3,100 individuals were compromised, Military.com said.
It’s unknown at this time if any of the members’ compromised information was accessed during the breach.
Comment
byu/justtakeapill from discussion
inhacking
Sources
https://cybernews.com/security/us-coast-guard-data-breach-personnel-systems-offline-paycheck-delays/
https://www.military.com/daily-news/2025/02/17/data-breach-prompts-coast-guard-take-personnel-and-pay-system-offline.html
Coast Guard hit with data breach, impacting pay for more than 1,100 members
byu/justtakeapill inhacking
