Congress hits FDIC cyber breach that ‘boggles the mind’

Author: 
Coverage Type: 

A series of cybersecurity incidents at the federal office safeguarding bank deposits has seriously shaken the confidence of House members who were dismayed by agency testimony. Lawrence Gross, the Federal Deposit Insurance Corp.’s chief information and chief privacy officer, was called before the panel to explain the removal of sensitive electronic data by employees. Members also accused the agency of obstructing a congressional investigation into the cyber-issues.

The House Science, Space and Technology oversight subcommittee also sought more information on a sophisticated cybertheft of FDIC data that subcommittee Chairman Barry Loudermilk (R-GA) said was likely done by the Chinese. Since October, a series of violations by seven employees as they were leaving the agency, including five recent cases, resulted in the breach of personal information belonging to more than 160,000 individuals, according to Loudermilk. “To date, FDIC has failed to notify any of those individuals that their private information may have been compromised,” he added. An FDIC spokesperson confirmed they have not been notified and said “we are going to offer credit monitoring” to the affected individuals. The information includes names, bank account numbers and possibly Social Security numbers in some cases. The seven apparently unrelated violations occurred “inadvertently,” according to Gross when the staffers downloaded their own information from work computers as they were resigning from the agency. Republican and Democratic Reps were incredulous.


Congress hits FDIC cyber breach that ‘boggles the mind’