The Consumer Financial Protection Bureau (CFPB) is a U.S. government agency established to safeguard consumers in the financial sector. Recently, the agency disclosed that a former employee had transferred the personal data of over 250,000 individuals to a personal email account.
While employed, the employee handled this information in their daily duties. As such, the released data included two spreadsheets containing account numbers for approximately 256,000 individuals. The CFPB stated that these account numbers could not access consumers’ accounts or bank details. The agency explained that it used these numbers for internal purposes only.
In addition, the bureau announced it had not found evidence that the former employee distributed this information to others. In light of this breach, the CFPB terminated the employee. The agency also requested the former employee to delete the emails and provide proof of this action. So far, the former employee has not yet complied with these requests.
Investigations identified stolen information of customers connected to several institutions. However, the CFPB noted that most accounts concerned a single institution. Furthermore, the stolen data includes demographic, account, and loan information. In light of this breach, the bureau stated that it takes data privacy seriously, finding this unauthorized data transfer “completely unacceptable.” As such, the agency referred the situation to the Office of the Inspector General, which will likely investigate further.
After informing Congress and other federal agencies about the breach, the CFPB received a letter requesting a briefing on the incident. In this letter, the Chair of the Financial Services Committ’s investigations panel requested they reply by April 25, 2023. According to the Chair, “[m]y understanding is that the transfer of records could have possibly implicated more than 50 financial institutions’ sensitive information. If these facts prove to be true, the effects could be widespread and injurious.”
Senator Tim Scott, a Ranking Member of the Senate Banking Committee, requested a briefing by May 8, 2023, regarding the incident. In addition, the Senator pointed to concerns about a recent final rule involving the vast collection of small business lending data. Such data includes credit products like term loans, lines of credit, credit cards, merchant cash advances, and even personally identifiable information like race, ethnicity, and sex.
Instances of data breaches, such as the one reported by the CFPB, highlight the importance of safeguarding sensitive information. To protect both businesses and consumers from such risks, employers must take appropriate measures, such as utilizing accredited background check providers. The right provider can identify red flags and help employers make educated hiring decisions.
Pre-employ makes background checks easy and reliable. Speak with a sales representative today.