A Commodity Futures Trading Commission (CFTC) staffer fell for a phishing scam last month, putting the regulator's employees' personal information at risk.
In a message sent to staff, seen by Bloomberg, the watchdog says that an employee was duped by a phishing e-mail on 21 May and entered information on a fraudulent Web site.
"The e-mail account contained e-mails and attachments with the names, Social Security numbers and possibly other sensitive personally identifiable information of certain individuals," says the message.
John Rogers, CIO, CFTC, confirmed the incident to Bloomberg but says that trading and market data has not been compromised. Law enforcement has been brought in, new computer security controls are being put in place, and staff training stepped up.
CFTC Data Breach Risks Employees' Social Security Numbers - Bloomberg