trending Market Intelligence /marketintelligence/en/news-insights/trending/Gy_-gTK8q7xcXzruTjBPeA2 content
Log in to other products

Login to Market Intelligence Platform

 /


Looking for more?

Contact Us
In This List

FDIC reports additional cyber breaches, new internal cyber initiative

Banking Essentials Newsletter - November Edition

University Essentials | COVID-19 Economic Outlook in Banking: Rates and Long-Term Expectations: Q&A with the Experts

Estimating Credit Losses Under COVID-19 and the Post-Crisis Recovery

StreetTalk – Episode 70: Banks' Liquidity Conundrum Could Fuel M&A Activity


FDIC reports additional cyber breaches, new internal cyber initiative

After new guidance from the FDIC's inspector general, the agencyis reporting five additional security breaches, bringing the total number of breachessince October 2015 to seven.

In February, the bank regulator's inspector general said a databreach meets the seven-day reporting requirement to Congress any time 10,000 ormore records are exposed for any length of time, the FDIC stated. The agency hadpreviously reported two data breaches since October 2015.

"We take data security very seriously and are always lookingfor ways to improve and provide a more secure environment," the FDIC said ina statement.

The bank regulator is conducting a 60-day review, which willinclude implementing digital rights management software to locate and destroy dataas needed, executing encryption software on portable devices, and having a thirdparty conduct an assessment of the FDIC's security and privacy programs. In addition,the agency has created an incident response coordinator to serve as the main contactfor security incidents. Any employees that need a flash drive to transport datamust have permission to do so, and the agency is looking for an alternative systemto transport sensitive bank data to other regulators, the FDIC stated.

The FDIC considered these breaches low-risk because they involvedemployees who were leaving the agency, were in good standing and had a businessreason for having access to the data.

These data breaches would have been included in an annual requiredreport to Congress, the FDIC stated.

Lawrence Gross Jr., the FDIC's chief information officer andchief privacy officer, and Fred Gibson, acting inspector general at the FDIC, arescheduled to testifyon the data breaches before the House Committee on Science, Space and Technologyon May 12.