Skip to main content
  1. Home
  2. Web
  3. News

Millions of real estate records were publicly accessible due to lax security

By
Add as a preferred source on Google
Stock photo of lock and data
Darwin Laganzon/Pixabay

A major financial services company, First American Corporation, has left millions of records publicly accessible on its servers. The data included bank account details, bank statements, mortgage records, driver’s license images, and Social Security numbers, and was available to access without authorization by anyone who connected to an area of the company’s website.

The company provides title insurance and settlement services, and is a major player in the real estate and mortgage industries. The publicly accessible data was discovered by a real estate developer who reported it to the company but got no response. He then shared the finding with an online security blog.

Recommended Videos

“Closing agencies are supposed to be the only neutral party that doesn’t represent someone else’s interest, and you’re required to have title insurance if you have any kind of mortgage,” Ben Shoval, the developer who discovered the leak, said to KrebsOnSecurity. “The title insurance agency collects all kinds of documents from both the buyer and seller, including Social Security numbers, drivers licenses, account statements, and even internal corporate documents if you’re a small business. You give them all kinds of private information and you expect that to stay private.”

As many as 885 million files were accessible, dating back to 2003. It is not known at this time how long the documents were exposed for, but they were available from at least March 2017. First American Corporation has not confirmed how many people’s data was vulnerable or whether cyber criminals could have been aware of the data before this week.

The company learned about the accessibility of the documents on Friday and reported that it immediately blocked external access to them and began an investigation into any resulting security issues.

“First American has learned of a design defect in an application that made possible unauthorized access to customer data,” a First American spokesperson said in a statement shared with KrebsOnSecurity. “At First American, security, privacy and confidentiality are of the highest priority and we are committed to protecting our customers’ information. The company took immediate action to address the situation and shut down external access to the application. We are currently evaluating what effect, if any, this had on the security of customer information. We will have no further comment until our internal review is completed.”

Georgina Torbet
Georgina Torbet
Former Space Writer
Georgina has been the space writer at Digital Trends space writer for six years, covering human space exploration, planetary…
Topics
How to clear your browser cache in Chrome, Edge, Firefox, Safari, or Opera
A cluttered cache can slow you down and break websites, so here's how to clear it in every major browser in just a few seconds.
How to delete browser cache

A stocked computer cache may be convenient for logging into and out of go-to sites in seconds flat, but a major buildup of these tracking codes could significantly impact your PC’s performance. If you’ve noticed that your PC has been running rather slow of late, or you’re using a new browser and don’t know how to clear its cache, we’ve got you covered with the following guide.

Read more
How to find archived emails in Gmail and return them to your inbox
Archived emails in Gmail are easier to find than you think—once you know where Google hides them
Gmail icon on a screen.

If you’re looking to clean up your Gmail inbox, but you don’t want to delete anything permanently, then choosing the archive option is your best bet. Whenever you archive an email, it is removed from your inbox folder while still remaining accessible. Here’s how to access any emails you have archived previously, as well as how to move such messages back to your regular inbox for fast access.

Read more
Is there a Walmart Plus free trial? Get a month of free delivery
A Walmart sign on the outside of a store.

For regular Walmart shoppers, signing up for Walmart Plus is a no-brainer. It's basically Walmart's version of Amazon Prime, with subscribers unlocking free shipping on most orders, early access to discounts and new product drops (like Nintendo Switch 2 restocks), the best grocery delivery, and more. If you're always taking advantage of Walmart's bargains for the best smart home devices or the best tech products in general, but you're still not sure if you'll be able to maximize the benefits of Walmart Plus, we highly recommend claiming the free trial to the service, and we've got everything you need to know about it right here.

START YOUR FREE TRIAL

Read more