Mon, Jan 26, 2015
Palm Springs (Calif.) FCU will receive payment of up to $50,000 for costs associated with a data breach caused when a thumb drive given to an examiner was lost during an examination. The agency announced the reimbursement during its open board meeting Thursday.
The NCUA funds are intended to pay the credit union for activities such as credit report monitoring for members, credit union staff time associated with the breach and legal fees.
The agency noted in a release, "To date, the related costs associated with the data breach are approximately $36,000. Payments will come from NCUA's existing operating funds. In the event costs ultimately exceed $50,000, subsequent board action would be required."
Almost from the outset the NCUA has said the lost stored data was the results of a failure to follow longstanding agency policies on securing sensitive data. The agency has said the thumb drive did not include passwords or personal identifications numbers--PINs--and that the NCUA has received no indication of any unauthorized access to members' accounts or attempts to gain improper access.
The agency statement declares: NCUA takes its responsibilities for the security of credit union members' personally identifiable information very seriously and is committed to ensuring data shared in exams is protected at all times. The agency is taking appropriate action with staff involved in the incident and is reinforcing training on protecting sensitive information and reviewing regulations, policies and procedures in this area. NCUA is also moving as quickly as possible to consider and adopt additional safeguards to protect electronic data.
Source: CUNA News Now