The U.S. Congressional Budget Office (CBO) suffered a cyber breach by a suspected foreign actor, potentially exposing internal communications, research, and email/chat logs used to guide federal legislation. The incident, discovered recently, is under federal investigation due to concerns over unauthorized access to sensitive interactions between lawmakers and CBO analysts. The CBO confirmed the breach and took immediate containment measures, though the extent of data compromise and the attacker’s identity remain undisclosed. Given the CBO’s role in shaping economic and budgetary policies, the breach poses risks of legislative manipulation or intelligence gathering by state-sponsored actors. The incident echoes a December 2024 attack on the U.S. Treasury via a third-party vendor, though no direct link has been established.
Source: https://bnonews.com/index.php/2025/11/foreign-hackers-breach-u-s-congressional-budget-office/
TPRM report: https://www.rankiteo.com/company/congressional-budget-office
"id": "con5603756110725",
"linkid": "congressional-budget-office",
"type": "Breach",
"date": "12/2024",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"{'affected_entities': [{'industry': 'public policy and economic analysis',
'location': 'United States',
'name': 'U.S. Congressional Budget Office (CBO)',
'type': 'government agency'}],
'data_breach': {'sensitivity_of_data': 'high (influences federal legislation '
'and financial projections)',
'type_of_data_compromised': ['internal communications',
'research documents',
'email logs',
'chat logs']},
'description': 'The U.S. Congressional Budget Office (CBO) was hacked by a '
'suspected foreign actor, potentially exposing internal '
'communications, research, email, and chat logs used to guide '
'federal legislation. The breach is under investigation by '
'federal authorities. The CBO confirmed the incident and took '
'immediate containment actions, but details on the attacker or '
'extent of compromised data remain unclear. The incident '
'resembles a December 2024 state-sponsored Chinese hack '
'targeting the U.S. Department of the Treasury via a '
'third-party software provider.',
'impact': {'brand_reputation_impact': "potential erosion of trust in CBO's "
'data security',
'data_compromised': ['internal communications',
'research documents',
'email logs',
'chat logs']},
'initial_access_broker': {'high_value_targets': ['internal communications',
'legislative research',
'email/chat logs']},
'investigation_status': 'ongoing (federal authorities investigating)',
'motivation': ['espionage',
'influence on federal legislation',
'economic intelligence'],
'references': [{'source': 'The Washington Post'}],
'response': {'communication_strategy': ['brief public statement confirming '
'the incident'],
'containment_measures': ['immediate actions to contain the '
'breach (details undisclosed)'],
'incident_response_plan_activated': True,
'law_enforcement_notified': True},
'threat_actor': 'suspected foreign actor (potentially state-sponsored)',
'title': 'U.S. Congressional Budget Office (CBO) Cyber Breach by Suspected '
'Foreign Actor',
'type': ['cyberespionage', 'data breach']}