Congress criticizes 'weak' cybersecurity at FDIC.

PositionGOVERNMENT RECORDS

Members of Congress are concerned about the Federal Deposit Insurance Corporation (FDIC) repeatedly failing to properly notify officials after several cybersecurity failings.

A recent staff report from a Congressional committee detailed some of the complaints. According to Legaltech News, an outgoing FDIC employee placed confidential data on a USB drive, and hackers, possibly from China, placed malware on 12 computers and 10 servers, including computers used by the FDIC chairman, chief of staff, and general counsel. Those breaches took place during 2010, 2011, and 2013.

"The committee's staff report makes clear the FDIC has significant internal cybersecurity challenges both in respect to insider threats and external nation states," Jamil N. Jaffer, director of the Homeland and National Security Law Program at George Mason University, told Legaltech News. "This is particularly troubling given the FDIC's role in cybersecurity regulations on certain financial institutions."

The FDIC did not properly report the breaches to government officials; they were disclosed to those outside of the agency by the FDIC inspector general's office while it was investigating an October 2015 incident.

"The committee remains concerned about the FDIC's weak cybersecurity posture and its ability to prevent further breaches," according to the report issued by the U.S. House Science, Space, and Technology Committee staff. "Further, the FDIC's unwillingness to be open and transparent with the committee's investigation raises serious concerns about whether the agency is still attempting to shield information from production to Congress."

The FDIC confirmed that a "large quantity of sensitive FDIC information, including personally identifiable information of bank customers" was exposed in a 2015 incident in...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT