USPS officials have informed NALC of additional fraudulent activity against the LiteBlue application. The Postal Service is reporting that this new activity appears to be more sophisticated than the previous infiltration of USPS systems. This breach is compromising the Multifactor Authentication (MFA) one-time passcode feature that was added earlier this year, after the previous compromise, to provide an extra layer of security to LiteBlue.
As a result of these recent incidents, the Postal Service has once again temporarily disabled the ability for employees to make allotment and net-to-bank changes online while this fraudulent activity is investigated. USPS states that employees can still cancel net-to-bank and make allotment changes through the Human Resource Shared Service Center (HRSSC) Interactive Voice Response (IVR) system. The Postal Service is working with HRSSC to implement a process for these changes moving forward.
If you identify any activity with your account that looks suspicious, contact ISCCU@usps.gov. NALC will communicate any updates received by the USPS regarding this fraudulent activity.