In response to my inquiries about the incident involving the GovTrip site, the GSA replied that the incident is still under investigation and that all they could say at this time is the following:
February 11, 2009, some users of GovTrip when logging on to the site were redirected to a site that delivered malicious software to their computers. No personal data was known to be compromised. The incident was quickly identified and a US CERT was issued.
GSA, the vendor, and customer agency IT specialists are moving swiftly to identify short-term and long-term measures to find the source of the incident and to prevent such an incident from recurring.