In what is described as a “major information security incident,” a former employee of the Office of the Comptroller of the Currency (OCC) downloaded more than 10,000 records onto two thumb drives just before his retirement in November 2015, Reuters reports. Congress was informed of this incident by the US banking regulator, which said it detected the breach recently during a routine security review.
When contacted by OCC, the former employee said he "was unable to locate or return the thumb drives to the agency."
The motive behind the breach is not clear and there are no reports of misuse of the encrypted information so far, although an official revealed that unclassified personnel records were among the stolen data.
According to cybercrime expert Shane Shook, "The risk would be if the information somehow gets released to unauthorized sources" like WikiLeaks.
Read details on Reuters.