Skip to main content

Millions of real estate records were publicly accessible due to lax security

Stock photo of lock and data
Darwin Laganzon/Pixabay

A major financial services company, First American Corporation, has left millions of records publicly accessible on its servers. The data included bank account details, bank statements, mortgage records, driver’s license images, and Social Security numbers, and was available to access without authorization by anyone who connected to an area of the company’s website.

The company provides title insurance and settlement services, and is a major player in the real estate and mortgage industries. The publicly accessible data was discovered by a real estate developer who reported it to the company but got no response. He then shared the finding with an online security blog.

Recommended Videos

“Closing agencies are supposed to be the only neutral party that doesn’t represent someone else’s interest, and you’re required to have title insurance if you have any kind of mortgage,” Ben Shoval, the developer who discovered the leak, said to KrebsOnSecurity. “The title insurance agency collects all kinds of documents from both the buyer and seller, including Social Security numbers, drivers licenses, account statements, and even internal corporate documents if you’re a small business. You give them all kinds of private information and you expect that to stay private.”

Please enable Javascript to view this content

As many as 885 million files were accessible, dating back to 2003. It is not known at this time how long the documents were exposed for, but they were available from at least March 2017. First American Corporation has not confirmed how many people’s data was vulnerable or whether cyber criminals could have been aware of the data before this week.

The company learned about the accessibility of the documents on Friday and reported that it immediately blocked external access to them and began an investigation into any resulting security issues.

“First American has learned of a design defect in an application that made possible unauthorized access to customer data,” a First American spokesperson said in a statement shared with KrebsOnSecurity. “At First American, security, privacy and confidentiality are of the highest priority and we are committed to protecting our customers’ information. The company took immediate action to address the situation and shut down external access to the application. We are currently evaluating what effect, if any, this had on the security of customer information. We will have no further comment until our internal review is completed.”

Georgina Torbet
Georgina has been the space writer at Digital Trends space writer for six years, covering human space exploration, planetary…
It looks like the iPhone 17 Pro may have a titanium design after all
A person holding the Apple iPhone 16 Pro Max.

In a shining example of why leaks cannot be taken fully at face value, the iPhone 17 Pro might be made of titanium after all. Last week, we reported a leak that suggested the iPhone 17 Pro and Pro Max handsets could use an aluminum frame for the first time since 2016. Now, another leak suggests that information is inaccurate, and the premium iPhone models will not opt for a less expensive material after all.

"Looking back at the iPhone in recent years, Apple has always focused on promoting the high-end frame materials of the Pro series as one of its selling points, from 'surgical grade stainless steel' to 'titanium.' How can it be said that it was replaced with aluminum?" says Setsuna Digital, a leaker on Weibo.

Read more
In the future, all of the buttons on your iPhone could be Action buttons
iPhone 16 Plus and iPhone 16 Pro Max action button

One of the newest iPhone features, the customizable Action button, could eventually be added to other Apple products, including the iPad and Mac. In addition, future iPhones could have multiple Action buttons. The U.S. Patent Office recently published a patent application (via Patently Apple) that explores these possibilities.

The iPhone Action button was first introduced with the iPhone 15 Pro and iPhone 15 Pro Max and later became available on all iPhone 16 models. This versatile button offers a new level of personalization and efficiency, giving you quick access to your most-used features with a simple click.

Read more
If you like Samsung’s Edge Panels, you may not like the One UI 7 update
Galaxy S23 back in hand.

You probably have at least 50 apps installed on your phone, if not significantly more — but you likely only use maybe 10 or so of those apps on a routine basis. Samsung's Edge Panels feature made it easy to access your most-used apps, but that feature is starting to go the way of the Dodo with the upcoming One UI 7 launch.

Samsung sent an email to users alerting them that Edge Panels will no longer work with the launch of One UI 7, and those users took to X to share the email. That said, it's not quite as straightforward as it might seem.

Read more