trending Market Intelligence /marketintelligence/en/news-insights/trending/Gy_-gTK8q7xcXzruTjBPeA2 content esgSubNav
In This List

FDIC reports additional cyber breaches, new internal cyber initiative

Blog

Post-webinar Q&A: Speed and Scalability – Automation in Credit Risk Modeling

Case Study

A Chinese Bank Takes Steps to Minimize Risks as it Supports International Trade

Blog

Middle East Africa MA by the Numbers: Q3 2021

Blog

Banking Essentials Newsletter: November Edition 2021 - Part 2


FDIC reports additional cyber breaches, new internal cyber initiative

After new guidance from the FDIC's inspector general, the agencyis reporting five additional security breaches, bringing the total number of breachessince October 2015 to seven.

In February, the bank regulator's inspector general said a databreach meets the seven-day reporting requirement to Congress any time 10,000 ormore records are exposed for any length of time, the FDIC stated. The agency hadpreviously reported two data breaches since October 2015.

"We take data security very seriously and are always lookingfor ways to improve and provide a more secure environment," the FDIC said ina statement.

The bank regulator is conducting a 60-day review, which willinclude implementing digital rights management software to locate and destroy dataas needed, executing encryption software on portable devices, and having a thirdparty conduct an assessment of the FDIC's security and privacy programs. In addition,the agency has created an incident response coordinator to serve as the main contactfor security incidents. Any employees that need a flash drive to transport datamust have permission to do so, and the agency is looking for an alternative systemto transport sensitive bank data to other regulators, the FDIC stated.

The FDIC considered these breaches low-risk because they involvedemployees who were leaving the agency, were in good standing and had a businessreason for having access to the data.

These data breaches would have been included in an annual requiredreport to Congress, the FDIC stated.

Lawrence Gross Jr., the FDIC's chief information officer andchief privacy officer, and Fred Gibson, acting inspector general at the FDIC, arescheduled to testifyon the data breaches before the House Committee on Science, Space and Technologyon May 12.