A GSA spokesman confirmed today that GovTrip.com, a travel reservations site used by federal agencies was hacked last week. Visitors to the site were redirected to another site that delivered malicious code to their computers. GSA says the incident was quickly identified, access to the site was blocked and no employees information was compromised. GSA spokesman Bob Lesino said the agency is working to prevent recurrences and provided the official statement below:
"February 11, 2009, some users of GovTrip.com when logging on to the site were redirected to a site that delivered malicious software to their computers. No personal data was known to be compromised. The incident was quickly identified and a US CERT (US Computer Emergency Readiness Team) alert was issued. GSA, the vendor, and customer agency IT specialists are moving swiftly to identify short-term and long-term measures to find the source of the incident and to prevent such an incident from recurring."
While the attack and potential compromising of employees personal and financial information is troubling enough, perhaps more so is the complete lack of information released on this subject. Employees at the Transportation Department and the Environmental Protection Agency have reported receiving e-mails telling them to steer clear of GovTrip, but not a word out of the federal government on the extent of the attack or the nature of the malware that was downloaded. A bit disappointing given the Obama administration's promises of transparency.
GSA chief information officer Casey Coleman declined to comment, saying the event is still being analyzed. Northrup Grumman did not respond to a request for a comment either. The site remained offline at the time of this posting.