U.S. real estate title insurance company First American Financial Corp. said on Friday it had learned of a design defect in one of its production applications that had made possible unauthorized access to customer data.
The statement was sent in response to a report by security news website Krebs on Security, which said First American’s website had exposed about 885 million files dating back to 2003.
First American said it had shut down access to the application and was evaluating the impact of the defect.
“We are currently evaluating what effect, if any, this had on the security of customer information. We have hired an outside forensic firm to assure us that there has not been any meaningful unauthorized access to our customer data,” First American said in an emailed statement.
Digitized records including bank account numbers and statements, mortgage and tax records, social security numbers, wire transaction receipts, and drivers license images were available without authentication to anyone with a web browser, according to the Krebs on Security report http://bit.ly/2HQUbkj.
The report added that there was no information on whether fraudsters had been aware of the exposure.
First American Financial shares fell 2.2 percent to $54.05 in after-market trading.
(Reporting by Kanishka Singh in Bengaluru, Editing by Rosalba O’Brien)
Topics Carriers Data Driven
Was this article valuable?
Here are more articles you may enjoy.
Surveys Show Concerns About Florida Market, But Consumers Are Warming Up 
US E&S Outlook No Longer Positive: AM Best 
Lawsuit Over Burger King’s Whopper Ads Set Back by Federal Judge 
Businessman, Former Federal Insurance Co. Attorney Hit With $50M Florida Verdict 
