Executive Summary
- The Congressional Budget Office (CBO) has confirmed it is managing an ongoing cybersecurity breach first detected in early November 2025.
- Federal investigators suspect a foreign state actor is responsible for the sophisticated cyberattack.
- Sensitive information, including internal communications with lawmakers and confidential fiscal data, may have been compromised.
- The CBO has implemented enhanced security protocols as a federal investigation into the origin and extent of the breach continues.
WASHINGTON – The Congressional Budget Office (CBO) is grappling with a persistent cybersecurity breach that officials suspect involves a foreign actor. The incident, first detected around November 6, 2025, has potentially compromised sensitive communications between the nonpartisan fiscal agency and congressional offices, raising significant concerns about the security of federal legislative and economic data.
Investigation and Immediate Response
The CBO confirmed the security incident on November 7, stating that new security measures were immediately implemented while an investigation remains ongoing. According to multiple reports, the breach may have exposed internal emails, chat logs, and confidential data, including cost estimates for pending legislation. The Library of Congress subsequently advised its employees to exercise caution when emailing the CBO, underscoring the active nature of the threat.
Potential Foreign Involvement and Implications
Sources familiar with the investigation have indicated that a foreign adversary is likely responsible for the sophisticated attack. A compromised CBO could expose sensitive details about upcoming budget proposals and economic projections, potentially undermining trust in the impartial analyses that are critical for congressional debates on federal spending and deficits. The agency’s recent work includes projections on the federal deficit and the economic effects of a potential government shutdown.
Context of Government Vulnerabilities
This attack highlights ongoing vulnerabilities within U.S. government networks, reminiscent of previous major incidents such as the 2020 SolarWinds hack. Cybersecurity experts have noted that the CBO, as a repository of high-value economic and fiscal information, represents a prime target for foreign intelligence gathering. The breach’s full scope is still being determined, but it serves as a stark reminder of the escalating cyber threats facing key democratic institutions.
Looking Ahead
While the CBO has moved to contain the breach and enhance its defenses, the ongoing nature of the incident suggests significant challenges in fully neutralizing the threat. Federal agencies are actively investigating the foreign actor angle as lawmakers on the House and Senate Budget Committees monitor the situation’s impact on the flow of critical fiscal data to Congress.