At CyberStreams, we work with small businesses, law firms, universities, non-profits, manufacturers—to stay ahead of the growing wave of cyber threats. One recent incident underscores just how high the stakes have become.

The US Treasury’s Office of the Comptroller of the Currency (OCC) recently disclosed a major cybersecurity breach that went undetected for nearly two years. From May 2023 to February 2025, attackers quietly accessed 150,000 emails across 103 accounts. The breach was discovered only on February 11, 2025, by Microsoft. This marks the third major Treasury-related incident in recent months, following earlier breaches at the Office of Foreign Assets Control (OFAC) and the Committee on Foreign Investment in the US (CFIUS), both linked to China’s Silk Typhoon group.

Why This Matters for Your Business

This incident is more than just another government data breach, it’s a red flag for every business. The OCC breach, officially deemed a “major incident” under the Federal Information Security Modernization Act, exposed sensitive financial communications that could potentially impact national security and economic stability.

In response, leading banks such as JPMorgan Chase and BNY Mellon suspended electronic data sharing with the OCC due to uncertainty about data integrity. The breach highlights how attackers especially those linked to nation-states—are no longer just targeting high-profile entities. They are casting a wider net, and small businesses are increasingly caught in it.

Experts warn that adversarial nations could weaponize stolen information to manipulate financial markets or pressure regulated entities. While the OCC has not officially attributed the breach to any group, the similarities to known Silk Typhoon tactics raise significant concern. Email continues to be the most common attack vector, with 94 percent of malware delivered this way, according to the 2024 Verizon Data Breach Investigations Report.

What Small Businesses Should Do Now

Small business leaders cannot afford to ignore these warning signs. You must act decisively and proactively to protect your systems, particularly email infrastructure.

1. Audit Your Email Security
   Conduct a comprehensive security audit, with a focus on email access and multi-factor authentication (MFA). The OCC’s compromised administrative account might have been avoided with basic protections in place. CyberStreams can help you assess and shore up these vulnerabilities.

2. Implement Real-Time Threat Detection
   Breaches that go undetected for months or years are becoming the norm. Use AI-powered tools that offer continuous monitoring. CyberStreams Microsoft 365 Protection platform detects and neutralizes threats within minutes, often before they can do real damage.

3. Train Staff on Email Threats
   Your first line of defense is your team. Make sure employees understand how phishing works and why MFA matters. CyberStreams offers short, targeted trainings about two minutes each week that keep email security top of mind without overwhelming your staff.

Conclusion: Don’t Wait for a Crisis

The breach at the US Treasury's OCC is a wake-up call. It shows that even large, well-funded institutions with regulatory responsibilities can fall victim to long-term, undetected cyberattacks. For small businesses, the risks are just as real if not more so given limited resources and growing attack surfaces.

Now is the time to act. Audit your systems, strengthen your defenses, and train your team. The threats are evolving, but with the right strategy, you don’t have to be the next target. Let CyberStreams help you stay ahead.