FBI chief: Corporate hack victims can trust we won’t share info

Twitter takes steps to prevent crypto scams on platform
March 7, 2018
Senators ask vote machine vendors about Russian access to source code
March 7, 2018
This post was originally published on this site

BOSTON (Reuters) – The FBI views companies hit by cyber attacks as victims and will not rush to share their information with other agencies investigating whether they failed to protect customer data, its chief said Wednesday.

FILE PHOTO – FBI Director Christopher Wray speaks at the 2018 Boston Conference on Cyber Security at Boston College in Boston, Massachusetts, U.S., March 7, 2018. REUTERS/Faith Ninivaggi

Christopher Wray, director of the Federal Bureau of Investigation, encouraged companies to promptly report when they are hacked to help the FBI investigate and prevent future data breaches.

He contrasted the FBI’s approach to that of other regulators and state authorities. Without naming other agencies, Wray referred to “less-enlightened enforcement agencies,” some of which he said take a more adversarial approach.

“We don’t view it as our responsibility when companies share information with us to turn around and share that information with some of those other agencies,” Wray said in response to an audience question at a cyber security conference at Boston College.

Amid a wave of high-profile data breaches at major corporations, the Federal Trade Commission (FTC) and state attorneys general are investigating how many of them secured consumer data before they were hacked.

Equifax Inc, which suffered a breach in 2017 that compromised the data of more than 147 million consumers, is fighting a lawsuit by Massachusetts Attorney General Maura Healey and faces probes by over 40 other states and the FTC.

Ride-sharing company Uber Technologies Inc [UBER.UL] is also facing investigations by state attorneys general after a data breach of 57 million accounts.

Uber has been sued by the states of Washington and Pennsylvania, and like Equifax faces private class action lawsuits over the breach.

Speaking at the conference, Wray said the FBI needed to partner with the private sector to combat an evolving threat that has “turned into full-blown economic espionage and extremely lucrative cyber crime.”

Wray, who took over as director in August, said in order to prevent cyber threats, companies should approach the FBI as soon as they see signs of unauthorized access to their computer systems or malware infesting them.

“At the FBI, we treat victim companies as victims,” he said.

Reporting by Nate Raymond in Boston; Editing by Jeffrey Benkoe