From "Security Blog Reports That First American Left Hundreds of Millions of Records Exposed"
Washington Post (05/24/19) Timberg, Craig; Merle, Renae
According to security blog Krebson Security, mortgage settlement and title insurance company First American Financial Corporation left hundreds of millions of customer records accessible on the web, including personal information. Krebs reported no evidence that the vulnerability had been exploited by hackers, but the security lapse put 885 million records at risk from an unknown numbers of customers. Based on a tip from a real estate developer who found the vulnerability, Krebs wrote that anybody with access to a web portal for the company could have gained access to documents from other customers by altering digits in the web address. Krebs said First American has confirmed there was a "design defect," and has shut down external access to the application.
To read the full story click this link. Web Link
Washington Post (05/24/19) Timberg, Craig; Merle, Renae
According to security blog Krebson Security, mortgage settlement and title insurance company First American Financial Corporation left hundreds of millions of customer records accessible on the web, including personal information. Krebs reported no evidence that the vulnerability had been exploited by hackers, but the security lapse put 885 million records at risk from an unknown numbers of customers. Based on a tip from a real estate developer who found the vulnerability, Krebs wrote that anybody with access to a web portal for the company could have gained access to documents from other customers by altering digits in the web address. Krebs said First American has confirmed there was a "design defect," and has shut down external access to the application.
To read the full story click this link. Web Link