Before his retirement, an employee of the Office of the Comptroller of the Currency (OCC) uploaded more than 10,000 OCC records onto two removable thumb drives. He retired in November 2015; the agency didn’t discover the breach until the following September. That left almost a year between breach and detection. The OCC was not able to recover the thumb drives.
To read this article in full or to leave a comment, please click here
from CSO Online Data Protection http://www.csoonline.com/article/3197404/security/how-to-maintain-data-oversight-to-avoid-shadow-data.html#tk.rss_dataprotection