<img src="https://ws.zoominfo.com/pixel/4CagHYMZMRWAjWFEK36G" width="1" height="1" style="display: none;">
Request Demo

News Coverage

News Insights: Millions Of Bank Loan And Mortgage Documents Have Leaked Online

down-arrow

According to Colin Bastable, CEO, Lucy Security:

“When US lenders offload our mortgages and loans to third parties, they offload the data too, and wash their hands of all responsibility. In its drive for profitability, the US financial industry has outsourced many services to third party service providers, and at the heart of this fragmented industry is consumer data. Our Data.

The relentless drive for greater margins comes at the expense of consumer data protection: our loans and our data are commodities to be traded, whereas consumers are still under the illusion that they have a relationship with their banks.

Dumpster Diving is bad enough – we often read about confidential papers being dumped in the trash when financial offices close.

In this case, the data has been re–digitized from paper records and mismanaged in a now notorious database known for great data analysis but lousy security. That the database admins forgot to secure the data with a password should shock us, but it doesn’t.

US consumers urgently need Congress to give consumers lifetime rights over their data, so that every organization taking or handling consumer data has a lifetime liability in the case of any data breach.”

According to George Wrenn, CEO, CyberSaint Security:

“This incident is a reminder that it is critical that we set high expectations for security and data protection when dealing with sensitive information. Organizations need to understand their gaps, and identify areas to build on their security posture at all times. This is especially true in cases where sensitive and personal information could be exposed.”

According to Tim Erlin, VP, product management and strategy at Tripwire:

“While sophisticated attacks may grab headlines, these types of misconfigurations can definitely be as impactful to the bottom line, if not more. This wasn’t a sophisticated attack by a well-funded nation-state adversary. It was a misconfiguration, a mistake. Organizations need to be able to detect and remediate misconfigurations, period.

“This is highly sensitive data that was exposed to anyone willing to look for it.

“Moving data and applications to the cloud doesn’t magically absolve an organization of its security responsibilities.”

This post originally appeared on Journal of Cyber Policy - read the original here

You may also like

Booz Allen Hamilton and CyberSaint ...
on September 7, 2022

MCLEAN, Va. & BOSTON--(BUSINESS WIRE)--Booz Allen Hamilton (NYSE: BAH) and CyberSaint today announced a strategic partnership that aligns Booz Allen’s world-class ...

CyberSaint Continues to Support ...
on July 6, 2022

BOSTON--(BUSINESS WIRE)--CyberSaint, the developer of the leading platform delivering cyber risk automation, announced the addition of CMMC 2.0, allowing customers to adopt the ...

CyberSaint Makes FAIR Model ...
on June 28, 2022

BOSTON--(BUSINESS WIRE)--CyberSaint, the developer of the leading platform delivering cyber risk automation, announced the addition of the FAIR (Factor Analysis of Information ...

CyberSaint Releases CyberStrong ...
on June 21, 2022

BOSTON--(BUSINESS WIRE)--CyberSaint, the developer of the leading platform delivering cyber risk automation, announced the release of CyberStrong version 3.20 today, leading the ...

CRN® Lists CyberSaint in Its 2022 ...
on April 4, 2022

BOSTON--(BUSINESS WIRE)--CyberSaint, the developer of the leading platform delivering cyber risk automation, has been recognized by CRN®, a brand of The Channel Company, in its ...

Award-Winning Cybersecurity ...
on March 17, 2022

BOSTON--(BUSINESS WIRE)--CyberSaint, the developer of the leading platform delivering cyber risk automation, today announced that Nicole Dove, award-winning cybersecurity ...