First American Financial Corporation, a provider of title insurance, said Friday that it had fixed a vulnerability in its website that exposed 885 million records related to mortgage deals going back 16 years.
The vulnerability would have allowed anyone to gain access to Social Security numbers, bank account details, drivers license and mortgage and tax records.
The security failure was first reported by Brian Krebs, the cybersecurity writer who last year reported a flaw in the way Facebook was storing hundreds of millions of user passwords.
First American, based in Santa Ana, Calif., said in a statement Friday afternoon that it addressed the security gap after it was notified by Mr. Krebs. "We are currently evaluating what effect, if any, this had on the security of customer information," the company's statement said. "We will have no further comment until our internal review is completed."
The incident was the latest example of an under-the-radar company that retained enormous amounts of sensitive personal and financial data but was not effectively protecting that information.
Security Gap Leaves 885 Million Mortgage Documents Exposed
Additional Coverage:
(Score: 5, Insightful) by agr on Sunday May 26 2019, @12:05PM
It’s long past time to ban the practice of using Social Security numbers as authentication secrets. They have been compromised too many times in too many ways.