- Facebook copies Instagram with experimental ‘Popular Photos’ feature 6 Months Ago
- This iPhone app says it will alert you if you’ve been hacked Today 2:43 PM
- ‘Marvel’s Hero Project’ is the wholesome content 2019 needs Today 2:40 PM
- Get more out of VSCO with VSCO search Today 2:09 PM
- Twitter carves out ‘cause-based’ advocacy exemption in political ads ban Today 2:06 PM
- Disney+ accounts are being hacked—here’s how to protect yourself Today 1:52 PM
- Instagram is hiding likes globally and searching for a ‘well-being’ product researcher Today 1:42 PM
- ‘The Mandalorian’ opens up its mythology even further in ‘Chapter 2’ Today 12:54 PM
- Want to buy a drone on a budget? We’ve got you covered Today 12:51 PM
- ‘Simpsons’ writer accuses Republicans of stealing Sideshow Bob’s defense Today 12:49 PM
- Keanu Reeves’ appearance in ‘SpongeBob Movie’ trailer quickly becomes a meme Today 12:35 PM
- Charli XCX makes the band in Netflix’s ‘Nasty Cherry’ Today 12:33 PM
- Taylor Swift’s distress call reignites fight with Scooter Braun and former label Today 12:16 PM
- How to disable autoplay for previews and trailers on Disney+ Today 12:10 PM
- College basketball stream: How to watch North Carolina vs. Gardner-Webb Today 12:00 PM
A major financial service company left hundreds of millions of private records unsecured online, exposing everything from Social Security numbers to drivers license images.
Shoval had found that anyone with a link to a document on the site could simply change a single digit in the URL to view other hosted files.
Analysis from Krebs on Security found that a total of 885 million documents, spanning as far back as 2003, could be accessed. The files included everything from bank account numbers and statements to wire transfer receipts and tax records.
Prior to releasing the story, Krebs on Security founder Brian Krebs described the incident as a “truly massive–possibly superlative–sensitive data exposure.”
After becoming aware of the issue, First American Corporation stated that it had “shut down external access to the application” on Friday.
“First American has learned of a design defect in an application that made possible unauthorized access to customer data,” the company said in a statement. “At First American, security, privacy, and confidentiality are of the highest priority and we are committed to protecting our customers’ information.”
The company added that it was “evaluating what effect, if any, this had on the security of customer information” and later told the Verge that a third-party forensics group had been hired to determine whether the data was accessed.
The California-based First American Corporation is said to employ more than 18,000 people and bring in billions in profits annually.
- Senator proposes Do Not Track bill to allow consumers to opt out of data gathering
- Tumblr security bug could have exposed users’ private data
- How to protect yourself from identity theft on the dark web
- Where do 2020 Democratic candidates stand on internet privacy?
Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.