June 16, 2005

Some 6,000 former and current employees of the Federal Deposit Insurance Corporation (FDIC), the agency responsible for insuring Americans' bank accounts from theft, were themselves victims of an identity breach 18 months ago.

Last Friday, June 10, the FDIC began sending letters to all those employed with the agency in July 2002, telling them to be "vigilant over the next 12 to 24 months" in monitoring their credit reports and financial information.

The actual breach, however, took place early in 2004. According to an FDIC spokesperson, "it was only recently that we were notified of the problem. As soon as possible after that, we began notifying employees."

The spokesperson declined to say why the breach went unnoticed for such a long time.

The FDIC admitted in the letter that in a "small number of cases," the purloined data was used to obtain fraudulent loans from a credit union.

Although the FDIC refused to detail the breach, saying that the matter "was under active investigation by the FBI," its spokesperson did say that "it wasn't a technology-related breach." During a Senate hearing on identity theft and possible legislation to protect Americans from the recent flood of data thefts or losses, several of the senators mentioned the FDIC's breach, and called it just the latest in a long string of bad news for consumers.