Security News > 2020 > July > NY Charges First American Financial for Massive Data Leak
In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. had exposed approximately 885 million records related to mortgage deals going back to 2003.
On Wednesday, regulators in New York announced that First American was the target of their first ever cybersecurity enforcement action in connection with the incident, charges that could bring steep financial penalties.
As first reported here last year, First American's website exposed 16 years worth of digitized mortgage title insurance records - including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images.
In a written statement, First American said it strongly disagrees with the DFS's findings, and that its own investigation determined only a "Very limited number" of consumers - and none from New York - had personal data accessed without permission.
First American released its first quarter 2020 earnings today.
News URL
https://krebsonsecurity.com/2020/07/ny-charges-first-american-financial-for-massive-data-leak/
Related news
- Toyota confirms breach after stolen data leaks on hacking forum (source)
- Brain Cipher claims attack on Olympic venue, promises 300 GB data leak (source)
- Thousands of orgs at risk of knowledge base data leaks via ServiceNow misconfigurations (source)
- A data leak and a data breach (source)
- 5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage (source)