OCC Imposes $80 Million Penalty in Connection With Bank Data Breach

In a landmark enforcement action related to a bank data breach, the Office of the Comptroller of the Currency assessed an $80 million civil monetary penalty and entered into a cease and desist order with the bank subsidiaries of Capital One on August 6, 2020.

The actions follow a 2019 cyber-attack against Capital One.  The Federal Reserve Board also entered into a cease and desist order with the banks’ parent holding company.  The OCC actions represent the first imposition of a significant penalty against a bank in connection with a data breach or an alleged failure to comply with the OCC’s guidelines relating to information security.

Click here, to continue reading on the Cleary Enforcement Watch blog.