OCC Notifies Congress of Incident Involving Email System
a year ago
- #OCC
- #data-breach
- #cybersecurity
- The OCC reported a major information security incident to Congress due to unauthorized access to emails and attachments.
- Unauthorized access was detected on February 11, 2025, and confirmed on February 12, leading to immediate incident response protocols.
- Compromised administrative accounts were disabled, and unauthorized access was terminated by February 12.
- Public notice of the incident was provided on February 26.
- The breach involved highly sensitive information about federally regulated financial institutions.
- The OCC is conducting internal and third-party reviews to assess the extent of the breach and improve IT security policies.
- Acting Comptroller Rodney E. Hood emphasized the importance of confidentiality and integrity in OCC's systems and promised accountability.
- The OCC is coordinating with the Department of the Treasury throughout the investigation.