The recent disclosure that an NCUA examiner lost the flash drive containing confidential information of members of Palm Springs Federal Credit Union was unfortunate and troubling. It was unfortunate for it to have happened at all but more troubling is the failure of the NCUA to disclose when it occurred, not telling the industry that it happened and what steps the agency has taken to prevent its reoccurrence.
The data breach took place in October and yet it was not until two months later that the agency acknowledged the incident. And that acknowledgement came only after CU Times obtained a copy of the letter sent to all Palm Springs members. Despite this disclosure, NCUA refuses to confirm an NCUA examiner was responsible for the loss.
The letter itself is interesting. Nowhere is it mentioned that the flash drive was lost during an NCUA examination. It refers to records being "audited" and the "audit process". NCUA does not perform audits. Use of the word audit would lead one to believe that the breach was caused by the credit union's CPA or internal auditor.
Continue Reading for Free
Register and gain access to:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts.
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders.
- Educational webcasts, white papers, and ebooks from industry thought leaders.
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com.
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
