ATProto Browser
Experimental browser for the Atmosphere
Experimental browser for the Atmosphere
Dir. of Enterprise Data and Analytics at CFPB says the RIF would have left the agency's data “vulnerable and likely to be corrupted, deleted, or lost,” vulnerable to insider threats, and “vulnerable to outsider attacks, including from other nation states.“ storage.courtlistener.com/recap/gov.us...
Apr 26, 2025, 11:03 AM
{
"uri": "at://did:plc:32lvgu3krzhhw3h6k3pme72r/app.bsky.feed.post/3lnplnwb3zs2m",
"cid": "bafyreig3u5dilqw5awzrgh2ir5oetaf7krqyg6qtg2sxu5n2xvbgdrwfja",
"value": {
"text": "Dir. of Enterprise Data and Analytics at CFPB says the RIF would have left the agency's data “vulnerable and likely to be corrupted, deleted,\nor lost,” vulnerable to insider\nthreats, and “vulnerable to outsider attacks,\nincluding from other nation states.“\n\nstorage.courtlistener.com/recap/gov.us...",
"$type": "app.bsky.feed.post",
"embed": {
"$type": "app.bsky.embed.images",
"images": [
{
"alt": "19. As part of my role as the head of EDA, I worked with the cybersecurity team. I\nam therefore familiar with the work that it performs and believe that the RIFs, had they not been paused, would have immediately compromised the agency's data and related systems. The two remaining employees would not have been able to perform the critical cybersecurity work currently performed by more than 20 people.\n20. That would leave the agency's data vulnerable and likely to be corrupted, deleted,\nor lost for three reasons. First, the Bureau relies on dozens of vendors to maintain its data systems and those vendors frequently send out updates to their platforms. It is my understanding that the Bureau cannot blindly accept those updates, but must instead perform testing to see if\nthey would compromise agency data and put in place mitigation controls and patches as\n6",
"image": {
"$type": "blob",
"ref": {
"$link": "bafkreiefqxvag2vhf7blf37pmesfxpmsp7janctl5txnrbkybo6jaelpue"
},
"mimeType": "image/jpeg",
"size": 125164
},
"aspectRatio": {
"width": 750,
"height": 487
}
},
{
"alt": "21. Second, the Bureau is vulnerable to improper data handling by people within the\nBureau. It is my understanding that the cybersecurity team had what is referred to as an insider\nthreat team responsible for identifying improper access that could lead to mishandling of data, whether because of incompetence or maintent. I understand that, in the cybersecurity field, so-called insider threats are viewed as the greatest risk to data security. It is my understanding\nthat this entire team received a RIF notice.\n22. Third, the RIFs would leave the Bureau's data vulnerable to outsider attacks,\nincluding from other nation states. The scale and publicity of the cuts would make it a public fact that the Bureau lacked adequate cybersecurity controls, increasing the chances of intentional attempts to gain improper access to Bureau data.",
"image": {
"$type": "blob",
"ref": {
"$link": "bafkreif3izkbkls2fswvvfip6gvkbrpq2acnm7x7wweieftkmnqon55iza"
},
"mimeType": "image/jpeg",
"size": 140988
},
"aspectRatio": {
"width": 750,
"height": 445
}
}
]
},
"langs": [
"en"
],
"reply": {
"root": {
"cid": "bafyreiftrrjkmmgen4wahb4dbqj3fv6jxa4tg6v2l7v5p7l5jlnqacogci",
"uri": "at://did:plc:32lvgu3krzhhw3h6k3pme72r/app.bsky.feed.post/3lnpgxzfsik2m"
},
"parent": {
"cid": "bafyreifquq6uw7indc55icvj6sihrgmuprtl3ze2k7gzrqho4j6r2jkstq",
"uri": "at://did:plc:32lvgu3krzhhw3h6k3pme72r/app.bsky.feed.post/3lnpl66u4q22m"
}
},
"facets": [
{
"index": {
"byteEnd": 307,
"byteStart": 266
},
"features": [
{
"uri": "https://storage.courtlistener.com/recap/gov.uscourts.dcd.277287/gov.uscourts.dcd.277287.127.17.pdf",
"$type": "app.bsky.richtext.facet#link"
}
]
}
],
"createdAt": "2025-04-26T11:03:48.508Z"
}
}