Security News > 2020 > July > NY Charges First American Financial for Massive Data Leak
In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. had exposed approximately 885 million records related to mortgage deals going back to 2003.
On Wednesday, regulators in New York announced that First American was the target of their first ever cybersecurity enforcement action in connection with the incident, charges that could bring steep financial penalties.
As first reported here last year, First American's website exposed 16 years worth of digitized mortgage title insurance records - including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images.
In a written statement, First American said it strongly disagrees with the DFS's findings, and that its own investigation determined only a "Very limited number" of consumers - and none from New York - had personal data accessed without permission.
First American released its first quarter 2020 earnings today.
News URL
https://krebsonsecurity.com/2020/07/ny-charges-first-american-financial-for-massive-data-leak/
Related news
- Royal Mail investigates data leak claims, no impact on operations (source)
- Western Sydney University discloses security breaches, data leak (source)
- Microsoft Warns Default Helm Charts Could Leave Kubernetes Apps Exposed to Data Leaks (source)
- Qilin Ransomware Ranked Highest in April 2025 with 72 Data Leak Disclosures (source)
- New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy (source)