Federal regulator implicated in data breach at California credit union

by: Daren Glenister

To paraphrase the proverb: “Regulator, heal thyself.”

All it takes is one external flash drive to compromise an entire business. It appears that in October 2014, a federal regulator performed a routine audit on a California credit union. In the process, the credit union’s key customer data was downloaded on to a portable flash drive. Then, this thumb drive was lost, stolen, or destroyed, says an article.

It’s unclear if the institution, the National Credit Union Administration auditor, or a combination of both were the cause of the disappearance. Naturally, an investigation is ongoing. “At this time we do not know if the external drive has been inadvertently destroyed or if it was acquired by an unauthorized person,” stated the Credit Union Times. “All we know is that it is lost.”

Crying Over Spilled Data

An article from Bank Info Security asks how “such an egregious breach” could occur. This is the wrong question. We know from experience that such manually-based technologies and processes are inherently flawed.

continue reading »