Watchdog Identifies Multiple Data Security Deficiencies at the Consumer Financial Protection Bureau

Press Release

With the recent data breaches at the Internal Revenue Service (IRS) and Office of Personnel Management (OPM) fresh in the minds of Americans, U.S. Senator Tim Scott (R-SC) today led 22 of his colleagues in questioning the security of financial data on millions of Americans that the Consumer Financial Protection Bureau (CFPB) and its contractors collect and store. A report last fall by the government's watchdog, the Government Accountability Office (GAO), identified multiple weaknesses in the CFPB's protection of consumer data, which includes hundreds of millions of credit card accounts, home mortgage loan information, and other financial records.

"While [the IRS and OPM] investigations remain ongoing, we believe that now is a critical time to examine the measures other government agencies take to secure personal data they collect on Americans," the Senators wrote. "Under the Dodd-Frank Act, the CFPB has begun accumulating loan-level data "covering approximately 80% of the credit card marketplace'--hundreds of millions of credit card accounts…We are gravely concerned by the CFPB's inability to confirm that the massive amount of data it collects and stores could not be reverse-engineered and traced back to one of our constituents."

The CFPB was asked to provide detailed information about the security of the CFPB's IT systems, the CFPB's plans for notifying consumers whose data may be stolen in an IRS- or OPM-style breach, and how the CFPB ensures data security at third-party vendors it uses for data collection and storage.

Source