UPDATE from Director Industrial Relations Cash
All,
I just received the message below from the Postal Service which you may share with the field informing us the external link to PostalEase/Liteblue will be taken down today. This will require employees to make changes Postal Service devices within postal facilities.
Colleagues,
We continue to receive reports of employees clicking on fake LiteBlue websites, allowing cyber criminals to steal their usernames and passwords. A limited number of employees have reported changes to their net to bank or allotment changes due to this activity.
The USPS has taken multiple steps to combat this activity through enhanced communications, stand-up talks, working with internet providers to identify the sites as fraudulent, and proactively identifying potential victims. Unfortunately, some employees continue to access the fake websites.
The VP, CISO has recommended disabling the external link to PostalEase today, December 29, 2022.
Taking this action will prevent any net to bank or allotment changes to occur unless employees log-in from a USPS issued device in a USPS facility to further protect employees against fraudulent websites. The Chief Information Office is working to expedite the deployment of a multi-factor solution which will prompt employees for a second identification factor, such as a one-time passcode through text or email or through an authenticator application that will be in addition to their usernames and passwords.
In the interim, please inform employees to call the helpdesk at 877-477-3273 for assistance with their urgent LiteBlue needs.
Headquarters is working diligently to resolve these security issues and enable LiteBlue to be available ASAP.
Thank you!
Tom
There are numerous scams going on with the USPS Lite Blue. It appears that hackers have developed a scam where they create fake Lite Blue sites and entice employees to attempt to log on. Your information is then stolen, and they are free to take your money. Protect yourself. Below are two emails from our Director of Industrial Relations, Charlie Cash, on the state of the issue.
To: Charlie Cash <CCash@apwu.org>
Subject: Stand Up about Lite Blue Issues
All,
Please see the attached stand up talk and below message from the Postal Service. I apologize for the delay—things are crazy in Buffalo, and I will admit my family and home were my first priority during this disastrous storm that has taken 35 lives in Western New York.
The attached is an advisory about fake Liteblue Websites and attempts to compromise our member’s information. Please always got here LiteBlue (usps.gov) to access the real LiteBlue website.
Do not provide your EIN or password to anyone to include family, friends, or financial institutions that request it. We have reports that some advance check cashing or payday lenders (President Dimondstein and I call them legal loan sharks) are requesting member’s EINs, passwords, and LiteBlue login information in order to arrange these despicable loans—please do not give this information. Some of these institutions have been identified as the folks changing LiteBlue information and stealing member’s direct deposit.
We are in contact with the Postal Service on these issues and pushing for pay advances. However, the Postal Service as thus far taken the position that stolen direct deposit is no the fault of the USPS and not issuing advances. We are still pushing and fighting for this to happen. When I have more info, I will share.
In the meantime, if employees have issues, the need to contact their local stewards and officers who can then reach out to their NBAs if needs be.
Please share with field.
Also, below is a message from the USPS VP of Labor Relations, Tom Blum, pertaining to the direct deposit situation.
“However, I reiterate that everyone should go change their password and make sure they are using the appropriate website which is: LiteBlue (usps.gov)”
All,
I have been receiving individual reports from around the country of problems with employee’s direct deposit. It seems that some are reporting that changes have been made to their direct deposits have been changed to a bank account that does not belong to them and they are not receiving their paychecks. I have received no reports from the Postal Service of a system comprise, but if I do, I will share the information with the field.
Please, everyone needs to do the following:
- Login into LiteBlue and change passwords—do it even if nothing has happened
- Check your payroll. If it is not being deposited immediately:
- Call HRSSC and report
- Call finance and report (HRSSC can provide number)
- Once reported, ask your immediate supervisor for a pay advance if you were comprised. If you were not comprised—do not ask for a pay advance as this will only complicate things for those who have been legitimately compromised. If an advance is denied, immediately report the denial to your local or state union. I ask that the local or state union report the denial for tracking to Lee Branca at lbranca@apwu.org.
- Do not give your information to anyone. There have been reports that some “loan” companies-aka check cashing advance—places asking for LiteBlue info—DO NOT GIVE THEM INFO!
The Postal Service is in the process of switching to MultiFactor Authentication for all LiteBlue Transactions. I am not disputing this change as it is important to protect everyone’s info. This will add an additional layer of security to protect our employees.
Thank you and remember—stay safe, wear your mask!
Charlie Cash
Industrial Relations Director
American Postal Workers Union, AFL-CIO
Here is the message received from Vice-President of Labor Relations Tom Blum:
Colleagues,
VP Heather Dyer and the Inspection Service have confirmed Postal Service employees are often unknowingly providing their usernames and passwords to criminal websites, while attempting to access PostalEase.
Employees are using Google and attempting to access PostalEase; however, Google in-turn has been redirecting them to criminally run websites that mirror the look and access of PostalEase.
VP Dyer and the Corporate Information Security Office (CISO) are working with the Postal Inspection Service and drafting letters to the impacted group of approximately 119 employees, while also preparing a second letter addressed to all postal employees. Both drafts are currently under review by the Privacy Office and Law Department.
We have received reports representations have been made at the district level confirming Postal Inspectors are contacting impacted employees, as well as employees who may have unknowingly been compromised, and requesting their EINs and passwords.
Please note . . . Postal Inspectors have not contacted postal employees and requested their EINs and/or passwords. (Emphasis added by Charlie Cash)
If you know of any financially impacted employees, please have them immediately contact the Eagan ASC Helpdesk at 866-974-2733. Staff members are available to assist.
If you become aware of any employee experiencing access issues to PostalEase, please recommend they immediately contact 877-477-3273 to request assistance.
VP Dyer, the CISCO Team and the Postal Inspection Service continue working around-the-clock to enhance the security of PostalEase.
We will provide you with any additional information ASAP.
Tom
|