On December 20, 2022, the USPS notified the Union that some Postal Service employees had unknowingly provided their usernames and passwords to criminal websites, while attempting to access PostalEase. We were told that employees had been using the Google search engine to access PostalEase. Google’s search engine, however, directed them to third-party websites that were designed to mirror the look and access of PostalEase. When employees entered in their login credentials on these websites, we were told that the creators of those websites were able to record those credentials. The USPS informed us that approximately 119 employees were impacted. Once they had possession of the employees’ login credentials, the criminals were able to enter PostalEASE and access the employee’s sensitive information, including, as USPS has explained creating unauthorized allotments or even redirecting one’s entire check to a different financial institution without their knowledge.
The Postal Service also stated that they received reports at the district level that Postal Inspectors have been contacting impacted employees, as well as employees who may have unknowingly been compromised and was requesting their EINs and passwords. USPS has stressed that Postal Inspectors have not and will not be asking postal employees to provide their EINs and passwords. You should never give your usernames or passwords to anyone.
The Postal Service has assured us that the official PostalEase site itself has not been breached and that no employee who has accessed PostalEase through the official postal website has been impacted. The official website is https://liteblue.usps.gov.
The Postal Service position is that any liability for the use of compromised login information on the PostalEase site remains with Google and that they will not provide salary advances for those employees whose credentials were stolen when they accessed the unauthorized websites that mirrored LiteBlue.
The Postal Service has issued mandatory Stand Up Talks. They are also in the process of sending letters to each impacted employee as well as letters to all employees to address the issue. To prevent any further unauthorized changes, the external link to PostalEase was disabled on December 29th. The Postal Service is working to expedite the deployment of a multi-factor authentication feature which will prompt employees for a second identification factor, such as a one-time passcode through text or email. This security enhancement is tentatively scheduled to launch on January 15, 2023. In the interim, employees can also contact the helpdesk at 877-477-3273 for assistance with any LiteBlue needs. Until the multi-factor authentication is implemented, employees may only log into LiteBlue from a USPS issued device in a USPS facility.
Any financially impacted employee should immediately contact the Eagan ASC Helpdesk at 866-974-2733 for assistance. If you suspect you are a victim of this fraud or if you encounter a fake LiteBlue website, you should also contact CyberSafe by email at cybersafe@usps.gov. The Postal Service is purchasing a one-year credit monitoring service for all impacted employees.
We have requested information regarding this fraudulent activity and continue to meet with postal officials. We are also preparing a national level grievance. Additional details will be shared when known.