Bloomberg the Company & Products

Bloomberg Anywhere Login


Connecting decision makers to a dynamic network of information, people and ideas, Bloomberg quickly and accurately delivers business and financial information, news and insight around the world.


Financial Products

Enterprise Products


Customer Support

  • Americas

    +1 212 318 2000

  • Europe, Middle East, & Africa

    +44 20 7330 7500

  • Asia Pacific

    +65 6212 1000


Industry Products

Media Services

Follow Us

Bloomberg News

CFTC Data Breach Risks Employees’ Social Security Numbers

June 25, 2012

CFTC Data Breach Risks Employees’ Social Security Numbers

The CFTC arranged for employees to receive identity protection from a credit-monitoring company. Photographer: Thomas Northcut/Getty Images

The U.S. Commodity Futures Trading Commission suffered a data breach in May, putting at risk Social Security numbers and personal information of employees of the country’s top derivatives regulator.

A CFTC employee received a “phishing” e-mail on May 21 and input information to a fraudulent website, according to a copy of an e-mail sent to agency employees that described the incident. A third-party was then able to illegally enter the employee’s account, which had access to personnel information, according to the agency’s description of the incident.

“The e-mail account contained e-mails and attachments with the names, Social Security numbers and possibly other sensitive personally identifiable information of certain individuals,” according to the e-mail description. The CFTC has about 700 employees and regulates U.S. futures and swaps markets.

The e-mail description was confirmed last week by CFTC spokesman Steve Adamske. “The CFTC believes at this time that the data breach is contained to employee information and does not compromise any trading or market data. Law enforcement has been contacted and we will work with them as appropriate,” John Rogers, chief information officer at the CFTC, said in an e-mail statement on June 22.

The agency told employees that it would be implementing additional security controls for CFTC computer systems and increasing training for staff, including those who handle personal information. The CFTC arranged for employees to receive identity protection from a credit-monitoring company.

The agency is writing regulations required under the 2010 Dodd-Frank Act that will govern trading by JPMorgan Chase & Co. (JPM:US), Goldman Sachs Group Inc. (GS:US) and other companies in the $648 trillion global swaps market.

To contact the reporter on this story: Silla Brush in Washington at

To contact the editor responsible for this story: Maura Reynolds at

blog comments powered by Disqus