In the wake of a significant cyberattack on the Office of the Comptroller of the Currency (OCC), several major U.S. banks are reconsidering their protocols for sharing sensitive information with the regulatory agency. This decision comes after reports indicated that hackers accessed over 100 accounts within the OCC’s email system over a year.

Impact of the Cyberattack

According to Bloomberg, financial institutions such as JPMorgan Chase and Bank of New York Mellon have suspended electronic data transfers to the OCC as a precaution. Meanwhile, Bank of America is exploring more secure electronic channels for its communications with the agency.

The attack was labeled a “major incident” by the OCC and the U.S. Treasury, raising alarms about the potential compromise of sensitive information related to various financial entities. However, the identity of the hackers behind the breach remains undisclosed.

Regulatory Response and Concerns

Reports from The Wall Street Journal indicate that banks are increasingly worried about the breach and how the OCC has managed the situation’s disclosure. Many institutions are still seeking clarity on precisely what information might have been accessed without authorization.

About the OCC

The OCC is an independent bureau within the U.S. Department of the Treasury, overseeing more than 1,000 national banks, federal savings associations, and U.S. branches of foreign banks. Currently, the agency is under the temporary leadership of Rodney Hood, a former member of the National Credit Union Administration Board.

Types of Sensitive Information at Risk

Among the critical data shared with the OCC are reports pertaining to cybersecurity practices and National Security Letters, which may contain classified information related to national security threats, including terrorism and espionage.

• Reports on cybersecurity practices
• National Security Letters with potential classified details