WASHINGTON — The Federal Deposit Insurance Corp. was able to access emails between staff at the agency's Office of Inspector General in a possible violation of the watchdog agency's independence, the FDIC confirmed Monday.
Lawmakers raised concerns last week that in investigating alleged cyberthefts, the FDIC was able to pull up emails of certain Office of Inspector General personnel — something it should not normally be allowed to do.
"The agency notified the OIG last week that some OIG internal communications were retrieved by the FDIC when it conducted an email search," a spokesperson from the agency's watchdog said in a statement on Monday.
-
WASHINGTON A House committee probing the Federal Deposit Insurance Corp.'s cybersecurity practices has accused the agency of accessing internal documents from the FDIC's inspector general.
June 10 -
Allison Aytes, a former Federal Deposit Insurance Corp. employee in its Office of Complex Financial Institutions, is under investigation by federal authorities for allegedly stealing big banks' living will data on her last day of employment.
May 31 -
As the Federal Deposit Insurance Corp. grapples with a series of newly revealed cybersecurity incidents, the U.S. government is prosecuting a former agency employee over a 2012 breach.
May 20
Barbara Hagenbaugh, the FDIC's top spokesperson, confirmed the incident, saying the FDIC was inadvertently able to access the emails for two reasons. In some cases, the emails of several former FDIC employees who had moved on to work for the inspector general had not been properly partitioned. Additionally, several email inboxes belonging to Office of Inspector General staff were placed in the wrong server, Hagenbaugh said.
The data was immediately segregated from the FDIC's other internal data, and this access was disclosed to the OIG, Hagenbaugh added.
The acknowledgement comes after lawmakers on the House Committee on Science, Space and Technology sent a letter to FDIC Chairman Martin Gruenberg saying this access "raises serious concerns about the FDIC OIG's ability to conduct its work in an independent manner."
It is the latest charge from the committee, which is conducting a probe of the FDIC's response to several cybersecurity incidents, including at least eight data breaches at the hands of departing agency employees since last summer.
The letter, signed by Committee Chairman Rep. Lamar Smith, R-Texas, and Rep. Barry Loudermilk, R-Ga., who heads the subcommittee leading the investigation, also accused the agency of placing watermarks on the submitted documents in an effort to weed out potential whistleblowers.
Earlier in the week, the FDIC delivered thousands of new documents in an effort to comply with information requests from the panel, which had previously accused the agency of obstruction.
Committee staff said the FDIC had been delayed by the Office of Inspector General emails incident, and had submitted an incomplete dossier. But Hagenbaugh disputed this, saying the discovery of the OIG emails did not delay the delivery of information to the panel.
As part of the investigation, the committee questioned FDIC Chief Information Officer Lawrence Gross and Inspector General Fred Gibson at a hearing last month.
The committee has also called on nine more FDIC officials to be interviewed privately by the panel's staff, including Roberta McInerney, deputy general counsel for consumer and legislation; Andy Jiminez, the head of legislative affairs; and Christopher J. Farrow, chief information security officer.
Gruenberg is expected to be called to testify at the next hearing, which the committee has scheduled for July 14.
"We're cooperating fully," Hagenbaugh said.
