Request Demo

News Coverage

News Insights: Millions Of Bank Loan And Mortgage Documents Have Leaked Online


According to Colin Bastable, CEO, Lucy Security:

“When US lenders offload our mortgages and loans to third parties, they offload the data too, and wash their hands of all responsibility. In its drive for profitability, the US financial industry has outsourced many services to third party service providers, and at the heart of this fragmented industry is consumer data. Our Data.

The relentless drive for greater margins comes at the expense of consumer data protection: our loans and our data are commodities to be traded, whereas consumers are still under the illusion that they have a relationship with their banks.

Dumpster Diving is bad enough – we often read about confidential papers being dumped in the trash when financial offices close.

In this case, the data has been re–digitized from paper records and mismanaged in a now notorious database known for great data analysis but lousy security. That the database admins forgot to secure the data with a password should shock us, but it doesn’t.

US consumers urgently need Congress to give consumers lifetime rights over their data, so that every organization taking or handling consumer data has a lifetime liability in the case of any data breach.”

According to George Wrenn, CEO, CyberSaint Security:

“This incident is a reminder that it is critical that we set high expectations for security and data protection when dealing with sensitive information. Organizations need to understand their gaps, and identify areas to build on their security posture at all times. This is especially true in cases where sensitive and personal information could be exposed.”

According to Tim Erlin, VP, product management and strategy at Tripwire:

“While sophisticated attacks may grab headlines, these types of misconfigurations can definitely be as impactful to the bottom line, if not more. This wasn’t a sophisticated attack by a well-funded nation-state adversary. It was a misconfiguration, a mistake. Organizations need to be able to detect and remediate misconfigurations, period.

“This is highly sensitive data that was exposed to anyone willing to look for it.

“Moving data and applications to the cloud doesn’t magically absolve an organization of its security responsibilities.”

This post originally appeared on Journal of Cyber Policy - read the original here

You may also like

Downgrade Of Equifax By Moody’s ...
on May 28, 2019

In response to this week’s downgrade by Moody’s of Equifax as a result of its 2017 massive breach of consumer data, six cybersecurity and risk experts offer perspective on this ...

Insights from Verizon’s 2019 Data ...
on May 9, 2019

$40 million stolen from the Binance cryptocurrency exchange yesterday by cybercriminals. Hackers infiltrating hundreds of Amazon merchant accounts late last year. The ongoing ...

CyberSaint Introduces First ...
on April 16, 2019

New CyberStrong™ integrated risk management platform capabilities deliver actionable vulnerability intelligence, single sign-on (SSO), various hosting options, and customer-facing ...

Should There Be ‘Safe Harbor’ ...
on February 20, 2019

Sometimes, you do the best you can, but things happen anyway. You follow all the best practices, all your systems are locked down, you spend twice as much as your peers on ...

Data Center Knowledge
CyberStrong Integrated Risk ...
on February 19, 2019

BOSTON--(BUSINESS WIRE)--CyberSaint Security, a cybersecurity software firm that powers automated, intelligent compliance and risk management, today announced that the company ...

Booz Allen 2019 Cyber Threat Report
on February 7, 2019

@BoozAllen @BoozAllenCyber #cybertrends #cybersecurity #cyber Find out the 8 ways threat actors can make waves in 2019 in the annual Booz Allen Cyber Threat Outlook Report: ...