goon2019
Posts 392
|
An unprotected server leaked 24 million sensitive housing documents not once but twice
If you live in the U.S. and bought a house sometime over the last decade, your information may be at risk. According to TechCrunch, more than 24 million mortgage and banking documents were exposed not once but twice.
The exposed information included mortgage loan agreements, payment schedules, borrowers’ phone numbers, and other sensitive financial data.
The culprit? A single unsecured server. If you think that’s bad, it gets worse: In addition to housing millions of sensitive documents, this server didn’t even include a password.
In other words, this information was available to anyone who had five seconds to open their browser and type in the URL.
Leaving valuables inside with the front door unlocked
The documents in question were stored by Ascension, a third-party data and analytics company. In a public blog post, infosec expert Bob Diachenko, who first discovered the public server, stated that there were more than 24 million records openly available.
The records, which go back more than a decade, housed a whopping 51 GB of OCR (optical character recognition) data. While this type of text is readily readable to the naked eye, it can easily be parsed together to divulge private details.
“This information would be a gold mine for cybercriminals who would have everything they need to steal identities, file false tax returns, get loans or credit cards.,” Diachenko wrote.
The lenders had no idea these documents existed
The exposed server housed tens of thousands of financial documents from a range of different banks and institutions, including Wells Fargo, Capital One, HSBC Life Insurance, CitiFinancial, and more. While the information was somewhat scrambled, it was relatively easy to reconstruct—especially if a person was to use the right tools.
But here’s the kicker: Most of the banks have gone on record saying they have zero affiliation with Ascension. In fact, Wells Fargo went on record stating that it had “no vendor relationship with Ascension since 2010.” HSBC said the same thing.
If you don’t know the recipient—or if an email is automatically flagged as suspicious—it’s best to approach with caution.
While this story is still under development, it serves as a cautionary tale to always enable your password and security settings. Because you can’t trust a random company to protect your personal details, it’s up to you to take your privacy into your own hands.
Speaking of the issue of online privacy and security, we suggest to use a VPN, and our recommendation is RitaVPN. RitaVPN is an excellent tool for protecting your online privacy and security. And with the using of RitaVPN, you can also access your favorite geo-blocked content. It allows P2P connections on all servers and offers specialized servers for Netflix and other favorite streaming channels. RitaVPN is a relatively new VPN service, but it’s already making a name for itself,which makes it one of the best VPN in 2019.
Qwer432
http://www.buysecurevpn.com/
http://www.buyexpressvpn.net/
http://www.buyvpnservice.net/
|