Pedestrians pass the mark of the Secretary of Currency (OCC) office on Wednesday, March 20, 2019, displayed outside their headquarters in Washington, DC, USA.
Andrew Haller | Bloomberg | Getty Images
The currency secretary’s office on Tuesday said that that February email system hack was eligible as a “major incident” and exposed “very sensitive information.”
The violation, first disclosed and resolved in February, contained information related to “the financial position of federally regulated financial institutions used in the testing and supervision and supervision monitoring process.”
The OCC, the agency that regulates and oversees the National Bank, said it learned of the incident on February 11th and that it had been blocked out its compromised management account the following day. The regulator said it was using external cybersecurity experts for a full review of the incident and was beginning to review IT security policies to prevent further attacks.
“I took immediate steps to determine the full scope of the infringement and to remedy the longstanding organizational and structural flaws that contributed to this case,” said acting secretary of currency Rodney Hood.
“Some of these missed internal investigations that led to full accountability for identified vulnerabilities and unauthorized access,” he added.
Hackers had access to more than 150,000 emails from June 2023 until the beginning of this year, Bloomberg reported earlier, citing people with knowledge of the issue.
