In a story posted by SC Magazine today, NCUA examiners lost a USB drive with NPPI from a credit union they were examining.
That isn’t the worst part:
“But the agency didn’t reveal that the thumb drive had been lost by one of its examiners until after news of the breach appeared in the press. The breach and the apparent secrecy around it generated concern that the NCUA does not have the proper safeguards in place for protecting sensitive data and prompted IG Hagen to say in a Monday statement that his office will audit the agency to determine why NCUA the breach remained mum until news of the breach became public as well as to uncover who leaked information to the press, according to a report in the Credit Union Journal.”
The implication is that the NCUA was attempting to cover up its ineptitude and got caught. While the IG investigation is nice, will this result in any changes at any of the regulators? I hope so.