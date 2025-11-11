Share

The cybersecurity breach at the Congressional Budget Office (CBO) is now considered an “ongoing” threat, forcing congressional offices to halt most digital communications with the federal agency.

Officials issued urgent warnings on Monday, November 10, advising legislative staff to treat CBO email correspondence as potentially compromised.

Library of Congress employees, and presumably other congressional staff, were instructed to take extreme precautions: “Do NOT click on any links in emails from CBO. Do NOT share sensitive information with CBO colleagues over email, Microsoft Teams, or Zoom at this time.”

Staff members were told to verify the legitimacy of all CBO messages via telephone, highlighting the fear that compromised CBO accounts could be used for targeted phishing attacks across Capitol Hill.

The CBO and data at risk

The Congressional Budget Office (CBO) is a nonpartisan federal agency within the legislative branch. Its core mission is to provide objective, impartial cost estimates and economic analysis for virtually every piece of legislation considered by Congress. It also produces long-term budget and economic projections for the US.

The CBO’s critical role means the compromised network potentially exposes highly sensitive, pre-decisional data. This includes confidential communications between CBO analysts and lawmakers, draft cost estimates, internal financial forecasting models, and detailed analysis of major policy proposals before they are made public.

This information is invaluable to foreign intelligence services seeking advance knowledge of US fiscal policy.

While CBO spokespeople confirmed the “security incident” and stated they have implemented additional monitoring controls, the agency has not publicly named the perpetrator.

However, US officials briefed on the investigation suspect that Chinese state-backed hackers, possibly the group known as Silk Typhoon, are behind the sustained intrusion.

The incident has also raised alarm that the extended federal government shutdown may be contributing to stretched cyber defence resources across the legislative branch.

