Did you know that the Consumer Financial Protection Bureau (CFPB) does not accept complaints against itself? That is what I was told when I tried to make such a complaint, right before being directed to submit my complaint by email to an address that is no longer monitored.
So much for protecting consumers….
Earlier this year, a former employee of the CFPB forwarded confidential records of 256,000 consumers to their personal email account.
The breach, which CFPB described as a “major incident,” was reported by the Wall Street Journal and confirmed by CFPB officials to lawmakers on March 21.
The records not only included details of consumers from one institution but also from seven other firms, compromising confidential supervisory information of 45 institutions in total. The reason for the unauthorized transfer remains unknown.
On behalf of the 256,000 American consumers whose protected information was compromised by the agency tasked with protecting consumers, what are we supposed to do? That’s a lot of consumer data lost. Are you affected? Am I affected? According to the latest reports, the CFPB has still not notified affected consumers.
Despite the CFPB’s request, the employee hasn’t deleted the emails, although no evidence suggests the data was shared further. The CFPB investigation found numerous emails with confidential and personal information.
The incident has drawn criticism from Republican lawmakers questioning the CFPB’s data handling. In response, the CFPB emphasized its commitment to data privacy.
As a consumer, what recourse do we have? If the CFPB found that a financial institution had suffered a breach of a similar magnitude, the fines and fees would be astronomical. For example, a 2017 data breach suffered by Equifax resulted in a settlement that would provide $700 million in monetary relief and penalties.
In a press release, I recently learned that CFPB Director Rohit Chopra was visiting Albuquerque, New Mexico. I called the CFPB to ascertain details of the visit with the intention of asking Chopra more about the anticipated outcomes of the data breach and any subsequent investigation. I was directed to call the news office, which failed to return my call and has not responded to my email.
Since I won’t be able to ask these pertinent questions of the director, I sought to emulate the complaint process by filing a complaint. I called the CFPB to file a complaint against the CFPB. “We don’t take complaints against ourselves” was the official response.
The call center agent kindly provided me with an email address of the Office of the Inspector General and the phone number for that office.
I sent an email with my concerns about the data breach to the provided email, and received an automated response:
“The Office of Inspector General (OIG) of the Board of Governors of the Federal Reserve System (Board) and the Consumer Financial Protection Bureau (CFPB) Hotline no longer accepts e-mailed complaints and this mailbox is no longer monitored by OIG staff.”
After some searching, I found the online form for the OIG Hotline and was able to complete and submit my complaint there. But I received no confirmation that my complaint had been received with a notice that OIG is “unable to provide status updates” about my complaint.
No paper trail for consumer complaints against the CFPB? That’s odd. Despite the inability of the CFPB to receive and process complaints about themselves, I promptly filed a complaint using the CFPB’s online portal since I was left with no other alternative.
One of the fields on the complaint form asks a pertinent question: “What would be a fair resolution to this issue?” My response was “Complete defunding and deconstruction of the Consumer Financial Protection Bureau.”
The CFPB has given me the runaround. I can only imagine how hopeless the other 255,999 consumers feel about their privacy being violated by the agency supposedly tasked with safeguarding American consumers.
Something tells me that we need the Bureau to Protect Financial Consumers from the Consumer Financial Protection Bureau, or the BPFCCFPB.
Originally published at foxnews.com January 22, 2024.