The good news is that the data was encrypted.

More often than not, data breaches take place due to an insider. At times it could be as simple as a staff who is not security conscious.

According to the Office of the Comptroller of Currency, a worker took more than 10,000 staff and activity records shortly before he retired. The unnamed worker copied a “large number” of files onto two pendrives and when asked to return the drives containing the data, he could not find them.

Although this incident was treated as a “major” event, due to existing safety standards, the risk to the government can be mitigated since, the data was stored in an encrypted format precisely to prevent damage from this kind of a loss.

As yet there is no indication that the data has fallen into wrong hands.

However, what is taken very seriously is that the OCC let the data be taken in the first place.

In August 2016, the agency has implemented a policy which bars employees from transferring any data to removal storage without a supervisor’s approval. Unfortunately, the policy was adopted a tad too late to catch this thumb drive incident.

Secondly, there is the very real possibility that this is not the only breach to have happened. Investigators spotted the data transfer breach only on September 1.

It is too soon to know if there have been any additional incidents.

Either way, it is good news that the government is enforcing cyber security rules.