I mean it’s one thing to get hacked, it’s quite another to simply leave all this information available on your own website.
“The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. [NYSE:FAF] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity. The digitized records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images — were available without authentication to anyone with a Web browser.”
This is not a matter of a hacker targeting a firm, and out maneuvering their security staff and tools, this is gross negligence. The trick will be to find out whether someone’s information from this site was used in any identify fraud or other criminal activity. That’s where the victim would have some serious damage claims against First American.
Until then, we;ll see some random IT person get fired, and a bunch of comments from the people who run the company about how serious they take cybersecurity, when no one even bothered to look at their own website.
If you’ve had dealings with them as part of buying or selling a house, you may need to keep an eye on your accounts and credit information. Who knows who might have it? Then again, that’s been true for awhile now.