The Congressional Budget Office (CBO) is responding to a cybersecurity incident that has persisted for several days and remains unresolved. The agency, which provides fiscal analyses and cost estimates to Congress, confirmed this week that it is dealing with an “ongoing” breach.
Politico was the first to report on the situation, stating that CBO officials are still working to determine the extent of the intrusion and whether any data was compromised. In response, the CBO has implemented new monitoring systems and security controls while its investigation continues.
The Associated Press reported that CBO officials have not disclosed if sensitive information was accessed or who might be responsible for the attack. The agency also declined to reveal how long its systems have been affected.
Senate offices received a warning from the chamber’s Sergeant at Arms about possible exposure of email communications with the CBO, according to Reuters. This advisory urged congressional staff members to exercise caution when handling emails related to the CBO until the incident is fully contained.
Despite assurances from the agency that its work for lawmakers continues without interruption, concerns remain about whether analytical models or data could have been tampered with during this period. Experts told the Associated Press that labeling a breach as “ongoing” indicates investigators are still addressing active threats rather than only cleaning up after an attack.
The breach occurs at a time when Congress depends heavily on CBO projections for ongoing fiscal debates and budget negotiations. Reuters noted that prolonged breaches can increase risks by allowing attackers more opportunity to map internal systems or set up backdoors.
According to The Washington Post, initial assessments suggest foreign involvement in the attack, though officials have not publicly attributed responsibility to any nation or group.
In a statement, the CBO said it “continually monitors” for cyber threats and had taken “immediate action” once it detected suspicious activity.
Lawmakers from both parties are calling for briefings after the investigation concludes and are emphasizing improved digital defenses and clearer reporting protocols across federal agencies. The incident has raised broader questions about cybersecurity readiness among government bodies that do not handle classified information but play vital roles in daily operations.
