financialservices.house.gov

Cmte Financial Services (R)
Contact:



Ranking Member McHenry Presses Fed for Capital One Data Security Breach Details


Washington, Aug 5 -

WASHINGTON – Today, Republican leader of the House Financial Services Committee, Patrick McHenry (NC-10), sent a letter to Vice Chair for Supervision at the Federal Reserve, Randal Quarles, following the recent Capital One Financial Corporation data security breach that affected nearly 100 million Americans. The Ranking Member asked the Federal Reserve to provide information on the breach, specifically whether “any suspicious activity was noted during the Federal Reserve’s examination of Amazon or through the course of regular examinations of Capital One.” Additionally, Ranking Member McHenry requested “a detailed explanation of the Federal Reserve’s examination procedures as they relate to financial institutions’ third party service provider relationships,” to fully understand the role the Federal Reserve plays in examining such providers.

Read the full letter here or below:

The Honorable Randal Quarles
Vice Chair for Supervision
Federal Reserve Board of Governors
20th Street and Constitution Avenue, NW
Washington, D.C. 20551

Dear Vice Chairman Quarles:

I write following the recent Capital One Financial Corporation (Capital One) data security breach that affected nearly 100 million individuals in the United States and 6 million in Canada.  Relatedly, it has been publicly reported that Federal Reserve staff conducted a formal investigation of an Amazon facility at approximately the same time Paige A. Thompson is alleged to have stolen sensitive Capital One data from Amazon’s cloud.

Given the magnitude of this incident and the dangerous trend seen with an increasing number of data breaches, it is vital that Congress fully understand not only the details of this specific event but also the comprehensive supervisory approach taken by the Federal Reserve.

To that end, I ask that you provide information on the Capital One breach, including an indication of whether any suspicious activity was noted during the Federal Reserve’s examination of Amazon or through the course of regular examinations of Capital One. I also request that you provide a detailed explanation of the Federal Reserve’s examination procedures as they relate to financial institutions’ third party service provider relationships. Of greater interest is the role the Federal Reserve plays in examining those third party service providers. Such information will not only provide Congress with a better understanding of this incident but also the authorities and potential limitations the Federal Reserve has in protecting the financial information of American consumers.

I look forward to your immediate response and a serious, robust conversation on the broader issue of data security.

Sincerely,

Patrick McHenry
Ranking Member