Falling prey to a phishing scam sent via email, an employee of the U.S. Commodity Futures Trading Commission (CFTC) allowed a hacker to access their account, exposing personal records that included Social Security numbers, according to Bloomberg Businessweek. Up to 700 employees had their personal information compromised in the data breach.
Although unconnected to any one incident in particular, a handful of Republican senators introduced a piece new data breach and security legislation on June 21. According to Ars Technica, the bill would require data owners and either the Secret Service or the FBI to be notified of data loss "as expeditiously as practicable," while disclosing how the breach occurred.
Fines up to $500,000 would be issued for lost data such as SSNs, passwords and security or financial information. The bill is the fifth time that lawmakers have attempted to pass nationwide legislation regarding data protection, with attempts from 2003 up through 2011 stalling before they could be enacted.
The chain reaction stemming from the phishing email began at the CFTC on May 21, with the commission issuing a statement on the breach more than one month later on June 22, according to Bloomberg.
