Washington, D.C. – Committee on Science, Space, and Technology Chairman Lamar Smith (R-Texas) and Oversight Subcommittee Chairman Barry Loudermilk (R-Ga.) today sent a letter to U.S. Federal Reserve Chair Janet Yellen following reports that the Federal Reserve detected more than 50 cyber breaches between 2011and 2015. These breaches include incidents involving hackers, as well as other breaches described by news reports as “espionage.”
“These reports raise serious concerns about the Federal Reserve’s cybersecurity posture, including its ability to prevent threats from compromising highly sensitive financial information housed on the agency’s systems,” the letter states.
Of the over 50 breaches identified by the Federal Reserve’s National Incident Response Team (NIRT), suspected hackers or spies are responsible for multiple incidents. Hacking incidents were cited in 140 of the 310 reports provided by the Federal Reserve to Reuters in response to a Freedom of Information Act (FOIA) request. Four hacking incidents in 2012 alone were considered acts of “espionage.”
“Given the especially sensitive data stored on the Federal Reserve’s systems, which could be extremely valuable in the hands of foreign governments and those who seek to threaten the stability of the U.S. financial system, the Committee is interested in learning how NIRT responds to security incidents, and how the group works to prevent threats from compromising information contained on the Federal Reserve’s systems.”
In addition to a briefing on the Federal Reserve’s cybersecurity posture and its response to the security incidents, the Committee is requesting documents and information related to these incidents.
The oversight of these cybersecurity events is part of the Committee’s commitment to ensure sensitive information is secure at all federal agencies. Today’s letter follows the Committee’s investigation of repeated data breaches at the Federal Deposit Insurance Corporation (FDIC), and its oversight of a recent security event at the Federal Reserve Bank of New York in which approximately $101 million was stolen from the Bank of Bangladesh accounts.