Hackers Accessed 100 OCC Regulators' Emails for Over a Year

Hackers successfully infiltrated the email accounts of approximately 100 bank regulators at the Office of the Comptroller of the Currency (OCC), an independent bureau of the Department of the Treasury. This breach allowed the attackers to monitor sensitive communications and deliberations within the agency for over a year, from June 2023 until the intrusion was discovered earlier this year. The hackers gained access by compromising an administrator’s account, which provided them with entry to a vast amount of internal correspondence, including over 150,000 emails.
The OCC, which oversees national banks, federal savings associations, and the federal branches and agencies of foreign banks, disclosed a "cybersecurity incident" on February 26. The agency identified a limited number of affected email accounts and promptly disabled them. However, the extent of the breach was later found to be more significant than initially reported, with the hackers accessing the mailboxes of senior deputy comptrollers, international banking supervisors, and other key staff members.
The incident was reported to the Cybersecurity and Infrastructure Security Agency (CISA), which operates as the cyber unit of the Department of Homeland Security. CISA stated that there was no indication of any impact on the financial sector at the time of the disclosure. The agency is responsible for securing federal systems and sharing information about digital threats with both the public and private sectors.
The identity of the hackers remains unknown, and it is unclear whether the breach is related to a previous incident involving Chinese state-sponsored hackers who accessed unclassified documents and former Secretary Janet Yellen’s computer through a third-party provider. The OCC and the Treasury Department have not provided further comments on the matter.
This cyber intrusion highlights the ongoing vulnerability of regulatory bodies to sophisticated cyber-attacks. The prolonged access to sensitive information raises concerns about the potential for future breaches and the need for enhanced cybersecurity measures within financial regulatory agencies. The incident underscores the importance of robust cyber defenses and continuous monitoring to protect against such threats.
