885 Million Financial Records Exposed Online

By Gorodenkoff @ Shutterstock.com

When I discuss financial security with clients and investors, I always encourage them to be proactive. The only person who will ever make your security the absolute highest priority is you. As part of my never complete efforts to protect myself from financial fraud, I have signed up for LifeLock (I am not a paid LifeLock advocate, I just believe in the product).

Recently LifeLock users were warned of the exposure of 885 million financial records from First American Financial Corp. The company emailed users:

On Friday, an independent security journalist revealed that First American Financial Corp had up to 885 million sensitive customer financial records exposed on its website going back to 2003.

First American is the top title insurance firm in the United States. They often handle both the buyer and lender sides of real estate transactions across the country. The personal information found in the database includes combinations of:

  • Social Security numbers
  • Driver’s license images
  • Bank account numbers
  • Mortgage and tax documents
  • Wire transaction receipts

There was no indication that any of the data was stolen during the exposure and First American has taken down the site. The company has hired a firm to assess whether customer data was stolen.

What does this mean?

A data exposure or data leak is different from a data breach. In a breach, unauthorized access to sensitive information is intentional. In a data exposure like this one, the sensitive information is left out in the open, often because the server was not set up with the proper security.

Make sure you are getting everything your LifeLock membership has to offer. If you haven’t already, log in to your Member Portal and complete your profile to ensure that LifeLock is monitoring your personal information, including any email addresses you use regularly, financial accounts, and more.

Due to this event, we may be experiencing high call volume and don’t want you to be inconvenienced with wait times. If we detect your personal information being used within our network, we’ll send you an alert.

Read more about LifeLock here.