Bloomberg the Company & Products

Bloomberg Anywhere Login

Bloomberg

Connecting decision makers to a dynamic network of information, people and ideas, Bloomberg quickly and accurately delivers business and financial information, news and insight around the world.

Company

Financial Products

Enterprise Products

Media

Customer Support

  • Americas

    +1 212 318 2000

  • Europe, Middle East, & Africa

    +44 20 7330 7500

  • Asia Pacific

    +65 6212 1000

Communications

Industry Products

Media Services

Follow Us

CFTC Data Breach Risks Employees’ Social Security Numbers

CFTC Data Breach Risks Agency Employees’ Social Security Numbers
The Commodity Futures Trading Commission told employees that it would be implementing additional security controls for CFTC computer systems and increasing training for staff, including those who handle personal information. Photographer: Andrew Harrer/Bloomberg

June 25 (Bloomberg) -- The U.S. Commodity Futures Trading Commission suffered a data breach in May, putting at risk Social Security numbers and personal information of employees of the country’s top derivatives regulator.

A CFTC employee received a “phishing” e-mail on May 21 and input information to a fraudulent website, according to a copy of an e-mail sent to agency employees that described the incident. A third-party was then able to illegally enter the employee’s account, which had access to personnel information, according to the agency’s description of the incident.

“The e-mail account contained e-mails and attachments with the names, Social Security numbers and possibly other sensitive personally identifiable information of certain individuals,” according to the e-mail description. The CFTC has about 700 employees and regulates U.S. futures and swaps markets.

The e-mail description was confirmed last week by CFTC spokesman Steve Adamske. “The CFTC believes at this time that the data breach is contained to employee information and does not compromise any trading or market data. Law enforcement has been contacted and we will work with them as appropriate,” John Rogers, chief information officer at the CFTC, said in an e-mail statement on June 22.

The agency told employees that it would be implementing additional security controls for CFTC computer systems and increasing training for staff, including those who handle personal information. The CFTC arranged for employees to receive identity protection from a credit-monitoring company.

The agency is writing regulations required under the 2010 Dodd-Frank Act that will govern trading by JPMorgan Chase & Co., Goldman Sachs Group Inc. and other companies in the $648 trillion global swaps market.

To contact the reporter on this story: Silla Brush in Washington at sbrush@bloomberg.net

To contact the editor responsible for this story: Maura Reynolds at mreynolds34@bloomberg.net

Please upgrade your Browser

Your browser is out-of-date. Please download one of these excellent browsers:

Chrome, Firefox, Safari, Opera or Internet Explorer.