The agency created by President Barack Obama to protect consumers from financial fraud has amassed sensitive credit-card data on tens of millions of Americans without properly securing the information from hackers or leaks, says a federal audit reported by the
National Journal.
The Consumer Financial Protection Bureau has downloaded data from up to 75 million cardholders since its inception in 2011, and can access upward of 600 million credit-card accounts, but still has no plan in place for data protection and privacy, the non-partisan Government Accountability Office reported on Monday.
The potentially unsecured data also includes details on individual mortgages and student loans, the National Journal reported.
The GAO report concluded that the "CFPB has taken steps to protect and secure these data collections," but added, "additional efforts are needed in several areas to reduce the risk of improper collection, use, or release of consumer financial data."
The report said the CFPB has failed to draft a data privacy and protection policy or document its harvests of "sensitive" financial information.
The Republican senator who requested the audit slammed the consumer agency — which was created under the Dodd-Frank law regulating financial institutions after the 2008 financial collapse — on Monday.
"The CFPB's massive data collection effort is an unwarranted, unwelcome intrusion into the private financial lives of millions of Americans," said Sen. Mike Crapo, of Idaho, ranking Republican on the Senate Banking Committee.
"At a time when data and identity-related crimes are at an all-time high, the last thing the American people need is one more federal agency collecting their private financial information," Crapo said.
The CFPB released a statement on Monday defending it data collections as part of "its mission to protect consumers," while agreeing with the GAO's recommendations for better documentation of the process, the National Journal reported.
© 2025 Newsmax. All rights reserved.