Skip to main content
  1. Home
  2. News

Millions of real estate records were publicly accessible due to lax security

By
Stock photo of lock and data
Darwin Laganzon/Pixabay

A major financial services company, First American Corporation, has left millions of records publicly accessible on its servers. The data included bank account details, bank statements, mortgage records, driver’s license images, and Social Security numbers, and was available to access without authorization by anyone who connected to an area of the company’s website.

The company provides title insurance and settlement services, and is a major player in the real estate and mortgage industries. The publicly accessible data was discovered by a real estate developer who reported it to the company but got no response. He then shared the finding with an online security blog.

Recommended Videos

“Closing agencies are supposed to be the only neutral party that doesn’t represent someone else’s interest, and you’re required to have title insurance if you have any kind of mortgage,” Ben Shoval, the developer who discovered the leak, said to KrebsOnSecurity. “The title insurance agency collects all kinds of documents from both the buyer and seller, including Social Security numbers, drivers licenses, account statements, and even internal corporate documents if you’re a small business. You give them all kinds of private information and you expect that to stay private.”

As many as 885 million files were accessible, dating back to 2003. It is not known at this time how long the documents were exposed for, but they were available from at least March 2017. First American Corporation has not confirmed how many people’s data was vulnerable or whether cyber criminals could have been aware of the data before this week.

The company learned about the accessibility of the documents on Friday and reported that it immediately blocked external access to them and began an investigation into any resulting security issues.

“First American has learned of a design defect in an application that made possible unauthorized access to customer data,” a First American spokesperson said in a statement shared with KrebsOnSecurity. “At First American, security, privacy and confidentiality are of the highest priority and we are committed to protecting our customers’ information. The company took immediate action to address the situation and shut down external access to the application. We are currently evaluating what effect, if any, this had on the security of customer information. We will have no further comment until our internal review is completed.”

Topics
Georgina Torbet
Georgina Torbet
Space Writer
Georgina is the Digital Trends space writer, covering human space exploration, planetary science, and cosmology. She…
Watch Boston Dynamics’ dog-like robot don a dog suit and dance
Boston Dynamics' Spot robot dressed as a dog.

Meet Sparkles | Boston Dynamics

Boston Dynamics has shared a video of its dog-like Spot robot dancing in a dog costume.

Read more
Are you having iPhone alarm problems? A fix is coming soon
A person holding the Apple iPhone 15 Plus.

If you’ve slept through an important meeting or missed your alarm lately, it may not be entirely your fault if you’re an iPhone user. For weeks now, iPhone users have been reporting on social media that their devices are no longer ringing.

Today, The Wall Street Journal’s Joanna Stern finally confirmed this. According to Stern, Apple has confirmed that it’s aware of the issue causing some alarms not to play a sound and is working on a fix.
iPhone alarm issues explained
The iPhone alarm problem seems to be tied to Apple’s Attention Aware features. For those unfamiliar, it’s a feature that lowers the volume sound of your alerts and alarms if you’re looking at your device and avoids dimming the screen, similar to how Samsung phones keep the screen on if they see you looking at your screen.

Read more
We’re one step closer to replicating the human brain
A digital brain on a computer interface.

Scientists from the Netherlands and South Korea have just built a device dubbed "iontronic memristor (memory resistor)," or in other words, an artificial synapse. This device, just a little bit wider than a human hair, mimics the part of the brain that helps us think and learn. This isn't the first time scientists have tried to tackle creating a device that can resemble the thinking of the human brain, but this one's special, because it's not built like the others -- it's built like our brains.

So, what is this brain-like device, and why is it so special? Get ready for some science talk. The iontronic memristor has a tapered microfluidic channel, shaped like a cone, inside which sits a solution of salt (potassium chloride) dissolved in water. Yes, it's literally just salt and water.

Read more