JPMorgan Chase and Bank of New York Mellon have reportedly reduced electronic information sharing with the Office of the Comptroller of the Currency (OCC) following a significant breach of the regulator’s email system.
The breach resulted in unauthorized access to over 100 OCC executives’ and employees’ emails, which contained highly sensitive information regarding the financial health of federally regulated institutions involved in examinations and supervisory oversight. Hackers are believed to have accessed more than 150,000 emails after infiltrating the system in June 2023. This incident has raised alarms among banks, with concerns that the compromised data could be exploited for targeted cyberattacks or extortion.
While the OCC has not disclosed the specific material that was accessed, financial institutions typically communicated with the regulator regarding their financial status, cybersecurity measures, vulnerability assessments, and other sensitive topics. According to Bloomberg, the decision by the banks to limit information sharing is driven by worries about potential security threats to their own computer networks following the OCC breach. It remains uncertain whether other major banks are implementing similar measures.