Request Demo

News Coverage

News Insights: Millions Of Bank Loan And Mortgage Documents Have Leaked Online

down-arrow

According to Colin Bastable, CEO, Lucy Security:

“When US lenders offload our mortgages and loans to third parties, they offload the data too, and wash their hands of all responsibility. In its drive for profitability, the US financial industry has outsourced many services to third party service providers, and at the heart of this fragmented industry is consumer data. Our Data.

The relentless drive for greater margins comes at the expense of consumer data protection: our loans and our data are commodities to be traded, whereas consumers are still under the illusion that they have a relationship with their banks.

Dumpster Diving is bad enough – we often read about confidential papers being dumped in the trash when financial offices close.

In this case, the data has been re–digitized from paper records and mismanaged in a now notorious database known for great data analysis but lousy security. That the database admins forgot to secure the data with a password should shock us, but it doesn’t.

US consumers urgently need Congress to give consumers lifetime rights over their data, so that every organization taking or handling consumer data has a lifetime liability in the case of any data breach.”

According to George Wrenn, CEO, CyberSaint Security:

“This incident is a reminder that it is critical that we set high expectations for security and data protection when dealing with sensitive information. Organizations need to understand their gaps, and identify areas to build on their security posture at all times. This is especially true in cases where sensitive and personal information could be exposed.”

According to Tim Erlin, VP, product management and strategy at Tripwire:

“While sophisticated attacks may grab headlines, these types of misconfigurations can definitely be as impactful to the bottom line, if not more. This wasn’t a sophisticated attack by a well-funded nation-state adversary. It was a misconfiguration, a mistake. Organizations need to be able to detect and remediate misconfigurations, period.

“This is highly sensitive data that was exposed to anyone willing to look for it.

“Moving data and applications to the cloud doesn’t magically absolve an organization of its security responsibilities.”

This post originally appeared on Journal of Cyber Policy - read the original here

You may also like

Booz Allen 2019 Cyber Threat Report
on February 7, 2019

@BoozAllen @BoozAllenCyber #cybertrends #cybersecurity #cyber Find out the 8 ways threat actors can make waves in 2019 in the annual Booz Allen Cyber Threat Outlook Report: ...

It’s Time to Embrace Password ...
on February 7, 2019

Why Your Enterprise Needs Password Security Strategies Unfortunately, trusting employees to create strong passwords on their own may no longer serve as a tenable strategy. ...

Nearly Half Billion US Personal ...
on February 7, 2019

There’s good news and bad news about identity theft in 2018 according to a new report from the Identity Theft Resource Center (ITRC). The good news is the number of US data ...

News Insights: Millions Of Bank ...
on January 28, 2019

According to Colin Bastable, CEO, Lucy Security: “When US lenders offload our mortgages and loans to third parties, they offload the data too, and wash their hands of all ...

CyberSaint Security Announces ...
on January 28, 2019

BOSTON--(BUSINESS WIRE)--CyberSaint Security, a cybersecurity software firm that powers automated, intelligent compliance and risk management, today announced record-breaking ...

A Cybersecurity Compliance Crystal ...
on January 28, 2019

What Recent News Means for the Future The compliance landscape is changing, necessitating changes from the compliance profession as well. A team of experts from CyberSaint discuss ...

George Wrenn