Hackers stole us$35,000 from two dozen users of the Thrift Savings Plan (TSP), a retirement savings and investment plan for U.S. federal employees.
In late December, the computers of several TSP participants were infected with keylogging software that allowed criminals to record all keystrokes made by participants without their knowledge. The hackers also retrieved the customers' TSP personal identification number and other account information, according to a statement on the TSP Web site. However, the TSP's system was not breached, the company said.
"We were able to identify approximately two dozen participants who had relatively small amounts withdrawn from their accounts and electronically forwarded to fraudulent accounts," the TSP said. "Although we are working with the financial companies involved for the return of the funds, the total amount of loss involved is approximately $35,000. All affected participants have been notified."
"External penetration testing has demonstrated that our system has not been breached," the TSP said. "There is no evidence of any successful attacks against the system to identify a PIN and thus obtain access."
TSP officials said the personal information was compromised when keyloggers monitored each keystroke made by the users while they entered their TSP information into their own computers. All cases that have been identified involve electronic funds transfers. As an added security measure, the TSP has discontinued making these electronic payments for online transactions.
The TSP said over the coming months, it will be introducing several enhancements to the Web site, including a new alert message, more robust Web passwords and TSP account numbers, which will replace the use of the Social Security numbers for most TSP purposes.
A TSP spokesman declined to comment beyond the statement.