In a memo outlining a security incident as required by the Federal Information Security Modernization Act of 2014, the FDIC has admitted that the data of 44,000 FDIC customers was “inadvertently” taken by an employee as the employee was leaving the employment of the agency.
According to the memo, the employee downloaded the information of the 44,000 customers onto a personal storage device “inadvertently.”
According to the FDIC, its “investigation does not indicate that any sensitive information has been disseminated or compromised.”
Nonetheless, this incident is a reminder to organizations to keep a close eye on current and departing employees’ use of storage devices, including USBs and CDs, which can store large amounts of information. Many companies use technology tools to detect the use of portable devices and prohibit downloading any material to such devices.