As previously reported, NALC is continuing to monitor the Postal Service’s response to the cyber breach that compromised a Postal Service computer file containing employees’ personal and employment information. NALC has filed a charge with the National Labor Relations Board protesting the Postal Service’s failure to provide NALC advance notice of, and an opportunity to bargain over, the Postal Service’s response to this breach. Pending resolution of this dispute, individual letter carriers may elect to enroll in the credit monitoring service offered by the Postal Service, with the knowledge that NALC may seek different or additional remedies.
APWU files Labor charges against USPS over lack of info on security breach
We have already filed charges with the National Labor Relations Board protesting the Postal Service’s failure to bargain over the impact of the security breach. We are demanding information from the USPS about the extent of the breach – both known and suspected – and what postal management knew, when they knew it, and what they did, or failed to do to protect employee information.
The NALC waited longer than the APWU to address this breach of security, but it’s good that both unions are filing with the NLRB to get to the bottom of this inexcusable act. One wonders not just how much the Service management knew and when, as the article mentions, but what remedy is appropriate for the compromising of so much personal information. The management sent a predictable sob story letter to its employees, neatly pinning the blame strictly on the cyber criminals.
But not releasing the information for 11 months finally to Congress and another two months before telling the employees reeks of complicity or gross ignorance of their own computer network. I think there were parties that could have been any inside employee, craft or management that uses computers at work every day, and I think money changed dirty hands in return for allowing so much time to lapse before reporting the crime. Odds would be it was in management, since craft employees don’t do much computer work.
The Service should at least give a monetary remedy to all employees. How much is appropriate is unknown since this kind of event has no precedence, at least that we know of.