[BreachExchange] U.S. regulator says former employee downloaded data from office

Audrey McNeil audrey at riskbasedsecurity.com
Wed Nov 2 19:12:43 EDT 2016


http://www.reuters.com/article/us-usa-banking-data-idUSKCN12S2JO


A U.S. banking regulator said on Friday it had told Congress about what it
called "a major information security incident" after a former employee was
found to have downloaded a large number of files onto thumb drives before
his retirement.

The Office of the Comptroller of the Currency said in a statement that
there was no evidence to suggest that the data in the downloads had been
disclosed to the public or misused in any way.

Before he retired in November 2015, the former employee downloaded a large
number of files onto two removable thumb drives though the incident was
only detected last month during a routine security review, the OCC said in
a statement.

When the former employee was contacted, the OCC said, he "was unable to
locate or return the thumb drives to the agency."

The stolen data was encrypted, the agency said.

The Office of the Comptroller, along with the Federal Reserve and Federal
Deposit Insurance Corporation, is one of the nation's three most
influential bank regulators that is tasked with protecting consumers and
financial markets.

The OCC has deemed the breach a "major incident" because the devices
containing the information are not recoverable and more than 10,000 records
were removed, the agency said.

An official familiar with the investigation declined to comment on a
possible motive. The official, who was not authorized to discuss the case,
noted that a large batch of unclassified personnel records were among the
cache.

Shane Shook, an independent cyber crime expert who helps governments and
financial institutions respond to breaches, said that he was not
particularly concerned about the loss of the data, which OMB regulations
require the OCC to report to the public, regardless of impact.

"This happens quite a lot," he said. "The risk would be if the information
somehow gets released to unauthorized sources" such as WikeLeaks or another
website where stolen data is posted.

He said that in many case employees or consultants who report missing thumb
drives with sensitive data on them eventually end up finding them.

Representatives with the Department of Homeland Security and FBI said they
had no immediate comment.

A number of high-profile data breaches at the federal level have
highlighted the vulnerability of sensitive information.

In recent weeks, the National Security Agency has come under fresh scrutiny
after a contractor was accused of having hoarded sensitive information at
his home.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20161102/9cec8a77/attachment.html>


More information about the BreachExchange mailing list