First American Financial Corp is a Fortune 500 company that insures titles on peoples' property; their insecure website exposed 885,000,000 records for property titles, going back 16 years, including bank accounts (with scanned statements), Social Security numbers, wire transaction receipts, scanned drivers' licenses, tax records, mortgage records, etc -- when notified of the error, the company (which employs 18,000 people and grossed more than $5.7B last year) closed the misconfiguration.
It's not clear whether or which records were compromised.
The error was in the company's customer portal, which anyone who ever closed a real-estate purchase mediated by First American would have accessed. All it took to gain access to other peoples' records was to change the customer number in the portal, adding or subtracting one to step through every customer on file, back to 2003.
KrebsOnSecurity confirmed the real estate developer’s findings, which indicate that First American’s Web site exposed approximately 885 million files, the earliest dating back more than 16 years. No authentication was required to read the documents.
Many of the exposed files are records of wire transactions with bank account numbers and other information from home or property buyers and sellers. Ben Shoval, the developer who notified KrebsOnSecurity about the data exposure, said that’s because First American is one of the most widely-used companies for real estate title insurance and for closing real estate deals — where both parties to the sale meet in a room and sign stacks of legal documents.
“Closing agencies are supposed to be the only neutral party that doesn’t represent someone else’s interest, and you’re required to have title insurance if you have any kind of mortgage,” Shoval said.
First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records [Brian Krebs/Krebs on Security]
(via The Verge)
The looming threat of mass-unemployment driven by automation has been grossly overstated: while it's true that "truck driver" is one of the most common jobs in America, the vast majority of truck drivers are not long-haul drivers, which are the drivers at risk of having their jobs automated out of existence.
A combination of hubris (failing to heed the stern warnings that bidders should only participate if they know what they're doing), cryptic annotations and confusing illustrations resulted in a bidder buying a 12" wide, 100' long strip between two properties in Broward County, Florida -- an odd parcel that had been formerly owned by the […]
Internet Archive founder Brewster Kahle (who also founded the company Alexa, now an Amazon division) ordered a pack of Sharpies from Amazon using the Internet Archive's business account, then, minutes later, ordered another pack using his personal account, both to be delivered to the Internet Archive: the order for the Internet Archive was priced at […]
Even if you feel like AirPods are worth the price tag, you’ve got to admit there’s a certain anxiety that comes with using them. What if I lose them? What if they get wet in the rain? Or drenched in sweat? Or fall into the drink you dropped them into? Shiny tech is great, but […]
With the quick-fix appeal of video games and their own cell phones, it can be tough to keep kids focused on supposedly “educational” toys. And while it may seem counter-intuitive to fight tech with more tech, we’re all in when it comes to the Toybox 3D Printer. We’re not sure if anyone had envisioned a […]
Whether you’re an artist, designer or just organizing a photo album, photo editing software is a must. And software designers know it: Platforms like Photoshop and Lightroom have a ton of helpful features, but you’ll pay for them in spades. Luckily, there’s some competition in the photo editing arena. Right now, Skylum’s Luminar software is […]