House Republicans Seek Answers on Biden-Era Data Breach of 256,000 Consumers

House Democrats recently blamed the Trump administration’s efforts to rein in the Consumer Financial Protection Bureau for poor information security. But the agency was fully staffed during the Biden administration when a massive–and still unresolved–data breach occurred. 

In February 2023, CFPB experienced a data breach that forwarded the confidential information of 256,000 consumers to a personal email address. The CFPB fired the staffer who emailed a spreadsheet with the names, transactions, and account numbers. 

The breach may have contained customer information from more than 50 financial institutions.

Protecting data of consumers compromised in this breach is a separate issue from whether the CFPB should continue to exist in its current state, Rep. Pete Sessions, R-Texas, a member of the House Financial Services Committee, told The Daily Signal.

He said he intends to find out directly from the agency.

“I have not blown off or forgotten about this,” Sessions noted. “The big question that needs to be answered is when were notices given to consumers?”

“If the CFPB has followed the law, people who were affected have been notified,” he said. “I will go directly to the CFPB and ask questions to be sure they follow the law.”

Trump named Office of Management and Budget Director Russ Vought acting director of the CFPB, which falls under the Federal Reserve. Vought eliminated the agency’s budget request for the next quarter and ordered about 1,700 employees not to perform any work.

Vought has proposed cutting the CFPB workforce by as much as 90%. 

“CFPB is an unaccountable agency that DC bureaucrats have weaponized to the detriment of consumers,” Rep. Andy Barr, R-Ky., chairman of the House Financial Services Subcommittee on Financial Institutions, told The Daily Signal. 

“Under Democrat control, the bureau was responsible for one of the biggest data breaches in recent American history,” Barr said. “I commend Director Russ Vought and President Trump for cleaning up the rogue CFPB, empowering consumers and financial institutions.” 

In November, Rep. Maxine Waters, D-Calif., the ranking member of the House Financial Services Committee, pointed to an audit by the Federal Reserve’s Office of Inspector General that said staffing and funding cuts at the CFPB were to blame for lack of information security. 

“To put it bluntly: consumers and their data are more at risk than ever and more vulnerable to bad actors due to the Trump Administration’s harmful actions,” a Waters press release says. “The continued dismantling of the CFPB will only worsen this crisis.” 

A Waters spokesperson did not respond to inquiries for this story on Tuesday.

The IG report says security issues were “compounded by the loss of contractor resources supporting information security continuous monitoring and testing activities and the departure of agency personnel.” 

Experts have noted that personal financial information stored at the agency has been in jeopardy since the agency’s beginning. 

A CFPB spokesperson did not immediately respond to The Daily Signal for this story on Monday or Tuesday.

After the 2023 breach happened, a CFPB spokesperson said in a statement at the time, “The CFPB takes data privacy very seriously, and this unauthorized transfer of personal and confidential data is completely unacceptable.” 

The CFPB was established by the 2010 Dodd-Frank financial reform legislation to regulate banks, credit card companies, lenders, and other financial services companies. It receives funding through the Federal Reserve.

The post House Republicans Seek Answers on Biden-Era Data Breach of 256,000 Consumers appeared first on The Daily Signal.