CFTC confirmed the breach last week as a phishing email that led one employee to a fraudulent site, Bloomberg Businessweek reported. A third party was then able to gain access to personnel data using the information input by the employee on the site.

CFTC said it will implement additional security controls and increase training for employees. The agency will also provide identity protection for employees through a credit monitoring company.

This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.