Request Demo

News Coverage

News Insights: Millions Of Bank Loan And Mortgage Documents Have Leaked Online

down-arrow

According to Colin Bastable, CEO, Lucy Security:

“When US lenders offload our mortgages and loans to third parties, they offload the data too, and wash their hands of all responsibility. In its drive for profitability, the US financial industry has outsourced many services to third party service providers, and at the heart of this fragmented industry is consumer data. Our Data.

The relentless drive for greater margins comes at the expense of consumer data protection: our loans and our data are commodities to be traded, whereas consumers are still under the illusion that they have a relationship with their banks.

Dumpster Diving is bad enough – we often read about confidential papers being dumped in the trash when financial offices close.

In this case, the data has been re–digitized from paper records and mismanaged in a now notorious database known for great data analysis but lousy security. That the database admins forgot to secure the data with a password should shock us, but it doesn’t.

US consumers urgently need Congress to give consumers lifetime rights over their data, so that every organization taking or handling consumer data has a lifetime liability in the case of any data breach.”

According to George Wrenn, CEO, CyberSaint Security:

“This incident is a reminder that it is critical that we set high expectations for security and data protection when dealing with sensitive information. Organizations need to understand their gaps, and identify areas to build on their security posture at all times. This is especially true in cases where sensitive and personal information could be exposed.”

According to Tim Erlin, VP, product management and strategy at Tripwire:

“While sophisticated attacks may grab headlines, these types of misconfigurations can definitely be as impactful to the bottom line, if not more. This wasn’t a sophisticated attack by a well-funded nation-state adversary. It was a misconfiguration, a mistake. Organizations need to be able to detect and remediate misconfigurations, period.

“This is highly sensitive data that was exposed to anyone willing to look for it.

“Moving data and applications to the cloud doesn’t magically absolve an organization of its security responsibilities.”

This post originally appeared on Journal of Cyber Policy - read the original here

You may also like

CyberSaint Named Winner of Five ...
on March 5, 2020

SAN FRANCISCO--(BUSINESS WIRE)--RSA Conference - CyberSaint Security, the developer of the leading platform for automated, intelligent cybersecurity risk and compliance ...

CyberSaint Named ISPG 2020 Silver ...
on March 5, 2020

SAN FRANCISCO--(BUSINESS WIRE)--RSA Conference--CyberSaint Security, the developer of the leading platform for automated, intelligent cybersecurity risk and compliance management, ...

CyberSaint Continues Hypergrowth ...
on February 23, 2020

BOSTON--(BUSINESS WIRE)--CyberSaint Security, the developer of the leading platform for automated, intelligent cybersecurity risk and compliance, today announced 833% bookings ...

5 Ways to Champion and Increase ...
on November 26, 2019

Give your organization's leadership an impactful, out-of-office experience so they know what's at stake with their budgeting decisions. Late in the summer of 2015, I orchestrated ...

George Wrenn
CyberSaint Releases New Governance ...
on November 19, 2019

BOSTON--(BUSINESS WIRE)--CyberSaint Security, the developer of the leading platform for automated, intelligent risk and compliance, today announced significant updates to its ...

Mexican state-owned petroleum firm ...
on November 14, 2019

Mexican state-owned petroleum company Petróleos Mexicanos, known as Pemex, has been targeted in a ransomware attack whose perpetrators are demanding a ransom of 565 bitcoin, worth ...