Summary: The US Treasury’s Office of the Comptroller of the Currency (OCC) experienced a significant email breach lasting over a year, involving unauthorized access to sensitive financial information through a compromised administrative account. The breach was confirmed on February 12, 2025, and has triggered a thorough review and analysis of impacted accounts. No immediate impact on the financial sector has been reported, but the investigation is ongoing to assess the breach’s full scope and accountability measures.
Affected: Office of the Comptroller of the Currency (OCC)
Keypoints :
- Unauthorized access to about 150,000 OCC emails, including those of senior officials, was detected.
- The breach lasted from May 2023 until its detection in early 2025.
- The nature of the security incident raises concerns about potential links to previous attacks attributed to China-linked groups.