885 Million Mortgage Documents Exposed Thanks to Website Vulnerability -- Security Today

885 Million Mortgage Documents Exposed Thanks to Website Vulnerability

First American Financial Corporation was made aware of a flaw that exposed their client's mortgage documents.

By Sydny Shepard
May 29, 2019

Another week, another vulnerability making the private information public to the world. Last week, it was First American Financial Corporation who was notified by a well-known cybersecurity blogger that a flaw in its website was risking the information on 885 million records related to mortgage deals that dates back nearly 16 years.

According to Brian Krebs, writer of Krebs on Security, a flaw in an internet application allowed anyone with any basic web browser to see confidential data such as Social Security numbers, bank account details, driver's license and mortgage and tax records.

The vulnerability was reported by Krebs on his blog and First American Financial quickly blocked all access as of last Friday.

"We are currently evaluating what effect, if any, this had on the security of customer information," the company said in a statement. "We will have no further comment until our internal review is completed."

According to the Associated Press, if the 885 million records were harvested by a bad actor, it would rank among one of the biggest leaks of data on the internet.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

Enhancing Situational Awareness

In an era marked by technological advancements and increasing security concerns, the integration of artificial intelligence (AI) into video surveillance systems has revolutionized situational awareness and critical infrastructure protection. Read Now
Survey: Insider Threats Surge Across U.S. Critical Infrastructure

Over three-quarters (77%) of organizations across US critical national infrastructure (CNI) have seen a rise in insider-driven cyber threats in the last three years, according to new research by leading cyber security services firm Bridewell. Read Now
The Impact of Strategic Technology Partnerships

It may sound counterintuitive, but transparency is vital in the security industry. While many solutions block, divert and alert to imminent threats, at its core, security is rooted in the critical clarity between what the end-user needs and what the provider can offer Read Now
- Dealers and Integrators
FTC Warns About Misuses of Biometric Information and Harm to Consumers

The Federal Trade Commission recently issued a warning that the increasing use of consumers’ biometric information and related technologies, including those powered by machine learning, raises significant consumer privacy and data security concerns and the potential for bias and discrimination. Read Now
- Cybersecurity

Whitepapers

Webinars

New Products

LiftMaster Garage Door Opener

LiftMaster Transforms the Garage Door Opener Into a Sleek Smart Home Device That Does More Than Open and Close the Garage Door 3
Dinkle DKU Barrier Terminal Blocks

New DKU screw type terminal blocks use a spring-guided system where the screws are integrated and captive within the terminal enclosure. These screws can be backed out so that ring- or U-shaped cable lugs can be inserted, without the possibility of losing the screw. 3
FlexPower® Global™ Series (FPG) from LifeSafety Power

The FlexPower® Global™ Series (FPG) from LifeSafety Power—designed to provide DC power for access control systems in international applications—is now PSE listed for Japan and compatible with the country’s 100VAC applications. 3

885 Million Mortgage Documents Exposed Thanks to Website Vulnerability

Security Industry Association Establishes National Security Systems Technician Apprenticeship Program

Arcules and Genea Integrate Cloud-Based Security Solutions for a Powerful SaaS Combination

Convergint Doubles Down on Financial Sector Business as Institutions Invest in Branch Automation, Safety, and Security