Consumer Financial Protection Board (CFPB) Hacked Hundreds of Times

Data Breach: The same day lawmakers were grilling Mark Zuckerberg about Facebook’s handling of private data, Congress heard testimony about a privacy scandal that is infinitely worse. Too bad everybody ignored the latter revelation.


In this case, the villain isn’t a private company or a Trump campaign advisor, but the federal government, which has been Hoovering up oceans of highly sensitive financial data on hundreds of millions of Americans under the guise of “consumer protection” — without taking basic steps to protect it.

And, unlike with Facebook, nobody has volunteered to have the government collect this private data.

On Wednesday, Mick Mulvaney told Congress that the Consumer Financial Protection Board was hacked 240 times — that he knows of — and possibly another 800 times.

As a result, he said, “data got out that should not have got out.”

Why does this matter?

Democrats created the CFBP as part of the Dodd-Frank financial reform bill. The goal was to create a powerful agency devoted to, as the name implies, protecting consumers from abuse at the hands of banks, credit card companies, and lenders.

But once in operation, the CFBP started collecting and stockpiling data from more than 600 million credit card accounts, along with personal data from almost all mortgage loans taken out since 1998, as well as car payments and other financial data. All without anyone’s knowledge or consent.

That means the CFBP has a storehouse of highly personal data — Social Security numbers, bank accounts, mortgage information, credit card data — on just about every American. It’s a data set Facebook could only dream of getting its hands on.

Worse, while the CFBP was sucking up all this data, it failed to install proper cybersecurity protection, a fact that independent auditors repeatedly pointed out to its leaders.

In 2014, the Government Accountability Office warned that “additional efforts are needed in several areas to reduce the risk of improper collection, use, or release of consumer financial data.”

A year later, an inspector general audit found that the CFBP had still “not yet fully implemented a number of privacy control steps and information security practices.”

Even as recently as last fall, the IG said that the agency still “has further opportunities to ensure that its information security program is effective”

Worse, as we noted in this space three years ago, the CFPB “is sharing the massive databases with outside contractors and storing sensitive private information on unsecured clouds, making the data extra vulnerable to cyberattacks.”

So, what we have here is a federal agency that is supposed to protect consumers’ finances actually making them worse by its gross mishandling of financial data that it had not good reason to be collecting in the first place.

Even for government work, that’s not good enough.


Zuckerberg Starts Talking, And Makes Facebook’s Problems Even Worse

Obama Spying On Consumers Without Security Protections

Don’t Pick A New Head For CFPB — Close It Down Instead

Source link

Originally posted 2019-09-19 23:12:43.


No comments.

Leave a Reply

error: Content is protected !!