OCC Cyber Breach: 150,000 Emails Exposed Over 8 Months
Blog post from SSOJet
The U.S. Office of the Comptroller of the Currency (OCC) experienced a major email breach that went undetected for over eight months, affecting approximately 100 accounts and exposing around 150,000 emails containing sensitive financial information. The breach, which started in May 2023 and was discovered in early 2025, involved unauthorized access through a compromised administrative account and was classified as a "major incident" under the Federal Information Security Modernization Act (FISMA). The OCC responded by disabling affected accounts, engaging third-party cybersecurity experts, and reviewing its security policies to address vulnerabilities and prevent future incidents. This breach underscores the necessity of implementing robust security measures such as secure single sign-on (SSO) and multi-factor authentication (MFA) to protect sensitive data and highlights broader concerns about the cybersecurity defenses of regulatory agencies.
No tracked trend matches for this post yet.