Hundreds of millions of insurance records exposed by First American Financial

Monday 27 May 2019 10:31 CET | News

First American Financial, a large insurance company, has leaked hundreds of millions of documents related to mortgage deals going back to 2003.

According to security publication KrebsOnSecurity, records such as bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and driver’s license images were available without authentication to anyone with a Web browser.

Approximately 885 million files were exposed, and many of them are records of wire transactions with bank account numbers and other information from home or property buyers and sellers.

The online publication added that First American wouldn’t comment on the overall number of records potentially exposed via their site, or how long those records were publicly available. However, a spokesperson for the company said “took immediate action to address the situation and shut down external access to the application”.

Brian Krebs emphasised that these documents were merely available from First American’s Web site and that he does not have any information to suggest the documents were somehow mass-harvested. Nevertheless, the information exposed by First American could be a virtual gold mine for phishers and scammers involved in so-called Business Email Compromise (BEC) scams.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: data breach, exposed records, online security, Brian Krebs, Business Email Compromise fraud, BEC scams, First American Financial, US
Countries: World

Industry Events