True Stories: Hybrid, eNote and RON Implementation

Join expert panelists that will discuss the status of federal legislation, trends in digital adoption and how best to prepare your organization for the next generation of lending processes.

Spruce’s Patrick Burns on innovation in title technology

In the season finale of Housing News season 5, Spruce CEO discusses heightened investor interest in title tech, innovation and fintech adoption.

UWM has a plan to win a war of mortgage attrition

UWM's margins will fall all the way down to 75 to 110 bps. Mat Ishbia says it's the perfect environment to prove that his mortgage firm is truly elite.

Don’t sleep on non-QM products

Now is the perfect time for originators to consider expanding to non-QM products – to grow business, diversify their offerings and to ensure an opportunity to better serve their customers.


OCC reveals major information security breach involving former employee

Says that retired employee downloaded thousands of files without authorization

The top U.S. banking regulator revealed Friday that a former employee downloaded thousands of files from the agency’s servers without authorization nearly a year ago and that the agency has not yet been able to recover those files.

In a notification sent to Congress and several other federal agencies, the Office of the Comptroller of the Currency said Friday that a “major information security incident” took place in November 2015.

According to the OCC notification, which was also sent to the director of Office of Management and Budget, the secretary of Homeland Security, the head of the Government Accountability Office, the incident involves a former employee who downloaded a “large number” of files onto two removable thumb drives without authorization prior to retiring from the agency.

The OCC said that when it contacted the former employee about those files, he was “unable to locate or return the thumb drives to the agency.”

According to the OCC, the unauthorized downloads occurred in November 2015, but were not discovered until Sept. 1, 2016, during a “retrospective review of employee downloads to removable media” conducted by the OCC that covered downloads that took place of the last two years.

The OCC said that it began that review in August 2016 following the implementation of a policy preventing employees from downloading information and data to removable media without supervisor approval.

According to the OCC, that review uncovered a “significant change” in the former employee’s download patterns during his final week of employment at the OCC.

After discovering the unusual download pattern, the OCC contacted the Treasury Department’s Office of Inspector General to begin an investigation, and the agency’s Core Management Group to begin an internal review.

Based on the CMG’s review and using information from the Treasury OIG investigation, the OCC determined on Oct. 27, 2016 that the event met the criteria of a “major incident” because it involved “controlled unclassified information, including privacy information.”

Additionally, the OCC said that the incident qualifies as a “major information security incident” because the devices containing the information in question are not currently recoverable, and because the incident involved the “unauthorized removal of more than 10,000 records.”

The OCC notification did not identify the types of documents that were removed nor the information contained within those documents.

The OCC did caution that based on current information, there appears to be no evidence to suggest that “any non-public OCC information, including any personally identifiable information or controlled unclassified information has been disclosed to any member of the public or misused in any way.”

The OCC said that the information on the two thumb drives is encrypted based on OCC policy to prevent information that is lost or stolen from being misused.

“The incident has not adversely affected OCC systems or the OCC’s mission, nor has the agency detected corruption of any data as a result of the incident,” the OCC said. “Furthermore, policies and technical safeguards implemented in August 2016 now prevent such an event from occurring.”

The OCC adds that it “takes its commitment to cyber and information security seriously,” adding that if its ongoing review identifies additional similar incidents, the agency will report them “as appropriate.”

Most Popular Articles

How appraisers value homes in a hot housing market

How do appraisers value a home in a market where prices are escalating rapidly – and where nearly two-thirds of listed homes faced bidding wars in March? HW+ Premium Content

May 13, 2021 By

Latest Articles

Foreclosures down in April as moratorium continues

RealtyTrac and ATTOM Data Solutions found the number of properties with foreclosure filings in April are down 1% month over month and 17% year over year.

May 14, 2021 By
3d rendering of a row of luxury townhouses along a street

Log In

Forgot Password?

Don't have an account? Please