The Office of the Comptroller of the Currency has reported that “highly sensitive information” was accessed following a hack of its email system.
The regulator informed Congress about what it deems a “major incident” that was uncovered on February 11. The breach resulted in unauthorized access to emails belonging to several OCC executives and employees, which contained critical information related to the financial status of federally regulated institutions involved in examinations and supervisory oversight.
Bloomberg reports that the hackers accessed over 150,000 emails after compromising the system in June 2023. Access was terminated the day after the breach was identified, and third-party cybersecurity experts were brought in to conduct a comprehensive review of the internal investigation and forensic analysis. Additionally, the OCC is launching an evaluation of its current IT security policies.
“The confidentiality and integrity of the OCC’s information security systems are paramount to fulfilling its mission,” stated Acting Comptroller of the Currency Rodney Hood. “I have taken immediate steps to determine the full extent of the breach and to address the long-standing organizational and structural deficiencies that contributed to this incident.”