U.S. regulator says former employee downloaded data from office

Reuters News
Posted: Oct 28, 2016 3:52 PM

WASHINGTON (Reuters) - A U.S. banking regulator said on Friday it had told Congress about what it called "a major information security incident" after a former employee was found to have downloaded a large number of files onto two thumb drives before his retirement.

The Office of the Comptroller of the Currency said in a statement that there was no evidence to suggest that the data in the downloads had been disclosed to the public or misused in any way.

Before he retired in November 2015, the former employee downloaded a large number of files onto two removable thumb drives though the incident was only detected last month during a routine security review, the OCC said in a statement.

The Office of the Comptroller, along with the Federal Reserve and Federal Deposit Insurance Corporation, is one of the nation's three most influential bank regulators that is tasked with protecting consumers and financial markets.

The OCC detected the breach after it began to implement a policy meant to detect employees who download information and data on unauthorized devises or without permission.

The OCC has deemed the breach a "major incident", though because the devices containing the information are not recoverable and more than 10,000 records were removed, the agency said.

A number of high-profile data breaches at the federal level have highlighted the vulnerability of sensitive information.

In recent weeks, the National Security Agency has come under fresh scrutiny after a contractor was accused of having hoarded sensitive information at his home.

(This version of the story corrects the headline to say rhe employee took information from regulator, not bank. It also corrects the name of department in last paragraph to National Security Agency, not administration)

(Reporting by Eric Walsh; Editing by Eric Beech)