About the breach
The breach happened in EEOC’s Public Portal system where unauthorized access of agency data may have disclosed personal data in logs given to agency by the public. “Staff employed by the contractor, who had privileged access to EEOC systems, were able to handle data in an unauthorized (UA) and prohibited manner in early 2025,” reads the EEOC email notification sent by data security office.
The email said that the review suggested personally identifiable information (PII) may have been leaked, depending on the individual. The exposed information may contain names, contact and other data. The review of is still ongoing while EOCC works with the law enforcement.
EOCC has asked individuals to review their financial accounts for any malicious activity and has also asked portal users to reset their passwords.
Contracting data indicates that EEOC had a contract with Opexus, a company that provides case management software solutions to the federal government.
Prevention measures
Open spokesperson confirmed this and said EEOC and Opex “took immediate action when we learned of this activity, and we continue to support investigative and law enforcement effo
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: