Classifying a February computer security breach as a “major incident,” the regulator of national banks Tuesday told Congress that the event led to unauthorized access to several of its executives’ and employees’ emails that included “highly sensitive information relating to the financial condition” of supervised banks.
In late February, when the Office of the Comptroller of the Currency (OCC) first revealed the security breach, it said that “there is no indication of any impact to the financial sector at this time” resulting from the breach.
In a release, the OCC said it discovered the security breach Feb. 11. The agency said it learned of “unusual interactions between a system administrative account in its office automation environment and OCC user mailboxes.”
The following day, the agency said, it confirmed the activity was unauthorized and disabled the compromised administrative accounts. The agency said it also initiated an independent third-party incident assessment and reported the incident to the federal Cybersecurity and Infrastructure Security Agency (CISA).
In a subsequent analysis of the compromised emails to determine their contents, OCC said, it determined the incident met the conditions necessary to be classified as a “major incident.”
“The OCC discovered that the unauthorized access to a number of its executives’ and employees’ emails included highly sensitive information relating to the financial condition of federally regulated financial institutions used in its examinations and supervisory oversight processes,” OCC said.
In addition to an independent third-party assessment, the OCC said it launched “an immediate and thorough evaluation of its current IT security policies and procedures to improve its ability to prevent, detect and remediate potential security incidents going forward.”
The agency said it is also “working to engage” another independent third-party to assess and analyze internal processes related to cyber incidents.
Leave a Reply