U.S. budget analysis agency acknowledges breach as investigators probe potential compromise of lawmaker communications and outdated firewall vulnerabilities.
CBO Confirms Cybersecurity Breach
The U.S. Congressional Budget Office (CBO) has officially confirmed it was hacked, marking a rare but serious cybersecurity incident involving a federal agency that plays a critical role in economic and legislative analysis.
- The agency said it has contained the breach and deployed new security controls and enhanced monitoring.
- Spokesperson Caitlin Emma told TechCrunch the CBO is actively investigating the incident.
Sensitive Congressional Communications at Risk
The breach could have exposed internal CBO communications, including emails, chat logs, and correspondence with lawmakers’ offices, according to The Washington Post, which first reported the hack.
- These communications may contain early analyses of legislation and budget forecasts, potentially offering valuable intelligence.
- Reuters reported that the Senate Sergeant at Arms, responsible for security in the upper chamber, issued alerts to congressional offices warning of possible phishing risks stemming from the breach.
Outdated Firewall Possibly Exploited
Security researcher Kevin Beaumont suggested the attackers may have exploited the CBO’s unpatched Cisco ASA firewall, which he flagged last month as being vulnerable to actively exploited flaws.
- At the time, the firewall had not been patched since 2024, despite new vulnerabilities being discovered in late 2025.
- These vulnerabilities were reportedly being targeted by Chinese state-backed hackers, raising concerns of foreign government involvement.
“The firewall is now offline,” Beaumont wrote on Bluesky, shortly after the breach became public.
- The CBO declined to comment on whether the firewall was the entry point.
- Cisco has yet to respond to inquiries.
The Role of the CBO and Why It Matters
The Congressional Budget Office is a nonpartisan agency that supports Congress by providing:
- Independent economic forecasts
- Cost estimates of proposed legislation
- Budget analyses that shape public policy
Because of its access to sensitive legislative data, the CBO is a strategic target for threat actors seeking to influence or spy on the U.S. lawmaking process.
Broader Implications
This breach comes amid a wave of attacks on U.S. government networks, particularly those using legacy systems or devices not patched during the 2025 federal government shutdown.
- The shutdown, which began on October 1, delayed many routine cybersecurity updates, making agencies temporarily more vulnerable.
- The incident highlights the urgent need for improved cyber hygiene, especially for agencies that handle sensitive policymaking data.
What’s Next
While the full scope of the breach remains unknown, federal cybersecurity teams are now working to:
- Assess the extent of data exfiltration
- Determine if any phishing campaigns are ongoing
- Coordinate responses with affected congressional offices
Expectations are high for further disclosures, especially if the attack is officially attributed to a foreign government.
