Detecting a security breach of about 885 million document number of mortgage dating back to 2003 by a company, First American, according to the offer issued by the security researcher Brian Krebs Brian Krebs, in charge of site security Krebs on security KrebsOnSecurity.
And First American as a financial services company offering insurance services on property titles and other services to the real estate mortgage, the largest provider of insurance to property in the United States, and revenues of about $ 6 billion, and 19 thousand employees.
Clarifies the information that the records exposed includes Social Security numbers, photos, driver licenses, numbers of bank accounts, statements, mortgage documents, tax receipts, banking transactions, so they can be read by anyone using a web browser.
The company wrote in a statement: note the First American on May 24, the existence of a defect in the design of an application and its productivity, which allowed to gain unauthorized access to customer data, and security, privacy and confidentiality is a high priority, we are committed to protecting our customers ‘ information.
The statement added that the First American has taken immediate action to remedy the situation and turn off access to the app, and it is currently assessing the impact of what happened on the security information client, and they cooperated with the investigation firm, external to make sure that there wasn’t any unauthorized access to customer data.
Related topics what you read now:
And Brian Krebs: if anyone knows the URL of the document on the website of the company on the web can view other documents by amendment number one in comfort, although the effect of this fall could be huge, given the sheer volume of individuals who have been sent a link to level them via e-mail by First American.
This is confirmed out of the company First American need for a comprehensive approach to secure systems and networks, especially those that contain sensitive information, so that firewalls and anti-malware, and other tools to control safety is not sufficient to provide out unwanted files.
Although there is no evidence currently to find anyone on the confidentiality of the information, but it is clear that it was very easy to get them, and they are a great value, so that it is difficult to exclude such a possibility.