FDIC Faces Congressional Scrutiny After Breach

WASHINGTON — A former Federal Deposit Insurance Corp. employee took off with data on some 44,000 customers of closed banks when she left the agency in late February, according to an agency memo uncovered by The Washington Post.

She has since returned the data, which was contained on a removable media device, and signed an affidavit "stating that she had not used or shared any of the information," said Julianne Breitbeil, an FDIC spokeswoman.

The memo, from FDIC Chief Information Officer Lawrence Gross Jr., stated that the breach from an outgoing employee, whose last day at the agency was Feb. 26, was made "inadvertently and without malicious intent," the Post report said.

Using software that tracks downloads from agency computers onto removable media, "we figured out the download on Feb. 29," Breitbeil said. "The former employee was contacted the same day and she returned the device on March 1."

The FDIC reported the information to the U.S. Congress "out of an abundance of caution," Breitbeil said. The agency is phasing out the use of removable media devices in the office, she said.

In a letter to FDIC Chairman Martin Gruenberg, Rep. Lamar Smith, R-Texas, asked for additional information about the incident and about "all major security breaches involving FDIC information" since 2009, according to the Post.

For reprint and licensing requests for this article, click here.
Law and regulation Data breaches
MORE FROM AMERICAN BANKER