- How to stream Manchester City vs. Bournemouth 3 Months Ago
- Catholic priest allegedly spent church money on Grindr hookups 3 Months Ago
- Nicolás Maduro’s English Twitter account was suspended with no public explanation Today 2:06 PM
- Man claims ex-girlfriend killed his dog after he broke up with her Today 1:02 PM
- What are BitTorrent downloads and how do they work? Today 12:58 PM
- ICE cuts the cord on real immigrant hotline after being featured in ‘Orange Is the New Black’ Today 10:49 AM
- The 10 best music podcasts for artist interviews and criticism in 2019 Today 10:41 AM
- How a socialist Twitch streamer landed in a feud with Dan Crenshaw Today 10:07 AM
- How to prepare for your fantasy football draft (and season) Today 9:00 AM
- Kit Harington is joining the MCU–and people are guessing which character he will play Today 8:48 AM
- How to live stream Juan Francisco Estrada vs. Dewayne Beamon Today 8:00 AM
- The 5 best free torrent clients you can download in 2019 Today 8:00 AM
- How to stream Saints vs. Jets in NFL preseason action Today 7:49 AM
- How to stream Chiefs vs. 49ers in NFL preseason action Today 7:36 AM
- How to live stream Bellator 225: Mitrione vs. Kharitonov Today 7:30 AM
A major financial service company left hundreds of millions of private records unsecured online, exposing everything from Social Security numbers to drivers license images.
Shoval had found that anyone with a link to a document on the site could simply change a single digit in the URL to view other hosted files.
Analysis from Krebs on Security found that a total of 885 million documents, spanning as far back as 2003, could be accessed. The files included everything from bank account numbers and statements to wire transfer receipts and tax records.
Prior to releasing the story, Krebs on Security founder Brian Krebs described the incident as a “truly massive–possibly superlative–sensitive data exposure.”
After becoming aware of the issue, First American Corporation stated that it had “shut down external access to the application” on Friday.
“First American has learned of a design defect in an application that made possible unauthorized access to customer data,” the company said in a statement. “At First American, security, privacy, and confidentiality are of the highest priority and we are committed to protecting our customers’ information.”
The company added that it was “evaluating what effect, if any, this had on the security of customer information” and later told the Verge that a third-party forensics group had been hired to determine whether the data was accessed.
The California-based First American Corporation is said to employ more than 18,000 people and bring in billions in profits annually.
- Senator proposes Do Not Track bill to allow consumers to opt out of data gathering
- Tumblr security bug could have exposed users’ private data
- How to protect yourself from identity theft on the dark web
- Where do 2020 Democratic candidates stand on internet privacy?
Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.