Sensitive information about tens of thousands of loans and mortgages, mostly dating back to 2008, was discovered online, according to a report by TechCrunch.
The banks, which include Wells Fargo, CitiGroup and others, were scrambling to identify the customers affected and inform them of the possible hacking.
The breach was discovered by security researcher Bob Diachenko, who found easy access to the database of sensitive financial files, which weren’t password protected and thus easy to crack.
“These documents contained highly sensitive data, such as social security numbers, names, phones, addresses, credit history, and other details which are usually part of a mortgage or credit report,” said Diachenko on his SecurityDiscovery.com blog. “This information would be a gold mine for cybercriminals who would have everything they need to steal identities, file false tax returns, get loans or credit cards.”
TechCrunch says that after it reached out to banks regarding customers whose information was on the server, the database shut down on Jan 15.
Readers, what to do? As you wait to hear from your financial institution, this would be a great time to change the password on your financial accounts. Even though this account wasn’t password protected, a hacker could have gotten enough of your personal information to hack into other accounts with the data.
Follow USA TODAY’s Jefferson Graham (@jeffersongraham) on Twitter, Instagram and YouTube.
Read or Share this story: https://www.usatoday.com/story/tech/talkingtech/2019/01/23/fraud-alert-your-mortgage-info-could-risk-techcrunch-report/2661282002/