A U.S. banking regulator says an employee downloaded a large amount of data from its computer system a week before he retired and is now unable to locate the thumb drives he stored it on.
The Office of the Comptroller of the Currency, which is a part of the Department of the Treasury, said the loss represented "a major information security incident" as it reported the case to Congress on Friday.
The data was taken in November 2015, but its loss was only discovered in September this year as the agency reviewed downloads to removable media devices in the last two years.
The employee in question used two thumb drives to store the information, both of which he is unable to locate, the agency said.
It didn't say what information was downloaded but said it involved "controlled unclassified information, including privacy information" and numbered at least 10,000 records.
However, the OCC said there is no evidence to suggest any of the data has been leaked or disclosed to the public.
"The information on the two thumb drives was encrypted based on OCC policy to prevent information that is lost or stolen from being misused," it said in a statement. "The incident has not adversely affected OCC systems or the OCC’s mission, nor has the agency detected corruption of any data as a result of the incident."
A new IT security policy implemented in August 2016 already makes a repeat of the incident impossible, it said.
Next read this:
- 7 traits that separate IT leaders from IT managers
- 6 business concepts IT leaders should master
- Tech takes on its racist terminology
- 10 most misused buzzwords in IT
- 9 IT resolutions for 2021
- Top 8 challenges IT leaders will face in 2021
- Top 5 strategic priorities for IT leaders in 2021
- 11 old-school IT principles that still rule
- CIO resumes: 6 best practices and 7 strong examples
- 13 'best practices' IT should avoid at all costs
- 10 future trends and how CIOs can keep ahead in 2021