WASHINGTON — A House committee probing the Federal Deposit Insurance Corp.'s cybersecurity practices has accused the agency of accessing internal documents from the FDIC's inspector general.
The Science, Space and Technology Committee has criticized the FDIC for being slow to produce information about its cybersecurity procedures. Lawmakers now say that in preparing materials for the committee, the regulatory agency gathered a "substantial amount" of documents related to the Office of Inspector General's internal communications in an apparent violation of the watchdog's independence.
"This information raises serious concerns about the FDIC OIG's ability to conduct its work in an independent manner," a
-
Allison Aytes, a former Federal Deposit Insurance Corp. employee in its Office of Complex Financial Institutions, is under investigation by federal authorities for allegedly stealing big banks' living will data on her last day of employment.
May 31 -
As the Federal Deposit Insurance Corp. grapples with a series of newly revealed cybersecurity incidents, the U.S. government is prosecuting a former agency employee over a 2012 breach.
May 20 -
The event took place during the 2015 fiscal year, but was not separately disclosed to Congress until the agency's federally mandated annual report on information security. Even then, the FDIC provided only vague details on what happened.
May 12
The committee also drew attention to a "distinct watermark" in the latest batch of documents sent by the agency on Tuesday, which the lawmakers said went against submission instructions and had not been present in earlier filings. Smith and Loudermilk said the watermark suggests an effort by the FDIC to identify sources of information to the panel.
"Given the Committee's concerns about potential retaliation against whistleblowers discussed in previous letters to the FDIC, the FDIC's inclusion of a novel watermark raises serious questions about whether the agency is attempting to identify the source of Committee materials," they wrote in the letter. "Additionally, included in the set of materials are communications between OIG officials and agency employees. This raises serious concerns about whether the FDIC is attempting to identify confidential OIG informants."
The panel renewed its accusation that the FDIC had failed to produce all the documents requested by the committee. The panel "received over 880 pages of additional materials from the OIG that were withheld by the agency," the letter stated.
The committee is investigating at least eight data breaches related to former FDIC employees in the past year. In one case last summer, a departing employee — a former risk analyst in the agency's Office of Complex Financial Institutions — left with sensitive data about living wills. Her residence was later raided by the FBI.
The committee has asked the agency to respond to new requests pertaining to the independence of the inspector general office and the protection of its whistleblowers.
