CUNA presses for NCUA review in exam-related info breach
ALEXANDRIA, Va. (12/17/14)--Following a data breach caused by the loss of a thumb drive containing member information during an federal examination of Palm Springs (Calif.) FCU, Eric Richard, general counsel for the Credit Union National Association, called on the National Credit Union Administration to conduct a thorough review of the situation.
The NCUA Tuesday confirmed the loss of the thumb drive during the exam. The agency said the lost information did not include member passwords or PINs, nor has the agency received indication of any unauthorized access to members' accounts or attempts to gain improper access. NCUA Public Affairs Specialist John Fairbanks added that the agency has "only confirmed the loss, not how it happened or who might have responsibility."
Richard, however, issued a statement that CUNA is "deeply concerned about this event."
"NCUA examiners are charged with promoting the safety and soundness of credit unions, not putting it at risk. NCUA should conduct a thorough review of the situation to see what steps it can take to make sure that nothing like this happens again.
"Trust in the agency is at stake," he declared.
An NCUA spokesperson told News Now, "NCUA is working closely with the credit union. Consistent with Office of Management and Budget guidance, the notice to members about the lost data came from the credit union. This notice is also consistent with California law, as well as NCUA's rules and instructions.
"Since 2008, NCUA has had in place policies and procedures governing the proper handling of electronic data received as part of the examination process. These procedures require NCUA examiners at all times to properly secure and control electronic devices containing sensitive or confidential information.
"We take this situation very seriously and we are committed to ensuring that the data shared in exams are protected."
Palm Springs FCU has more than $12.5 million in assets.