Massive Data Leak Exposes Millions of Loan and Mortgage Documents

Last Wednesday, TechCrunch reported that a “trove of more than 24 million financial and banking documents, representing tens of thousands of loans and mortgages from some of the biggest banks in the U.S.” had been left exposed online for more than two weeks. It was found that Ascension, a data services company for the financial industry, had failed to properly secure a database that contained more than a decade’s worth of mortgage agreements, borrowers’ tax documents, repayment schedules, and other mortgage origination documents from some of the largest financial institutions in the world, including Wells Fargo, Citigroup, and HSBC.

Then, just one day later, a second cache of documents was found on an unprotected Amazon S3 server with more than 23,000 pages of original bank loan and mortgage documents in PDF format. Many of the documents on the second server matched those found in the previous exposure, but instead of being OCR conversions of original documents into hard-to-read digital formats, the new cache contained clearly legible copies of the original paper documents themselves.

Many of the documents contained extremely sensitive personal and financial information on tens of thousands of borrowers, including Social Security numbers, bank account numbers, home addresses, loan balances, W-2 tax forms, as well as income and asset data, information which provides a highly granular view of a person’s finances.

Such a breadth of data is a goldmine for fraudsters and puts customers at heightened risk of identity theft. Using the exposed data, identity thieves could easily file fraudulent tax returns, take out loans under someone else’s name, or make unauthorized withdrawals from bank accounts. Already on high alert for potentially fraudulent activity, such a severe leak is sure to put the banking and financial industry even further on edge.

Financial data poses an acute risk to both borrowers and lenders alike, especially when plain-text documents containing highly sensitive data are still being stored on unprotected servers in the cloud, which when compromised can lead to significant financial losses and the rapid erosion of customer trust. With data hacks and leaks on the rise, now more than ever it is incumbent upon financial institutions to take proactive steps to protect customer data.

Bloom Journey: The Future of Lending

Enter Bloom Journey, a secure loan application solution for financial institutions that brings lending into the digital age. No more manual data entry and processing. No more unsecure and antiquated data sharing models. No more centralized storage of highly sensitive financial data. With Journey, Bloom enables lenders to protect customer data with cutting-edge blockchain technology while providing a seamless lending experience that makes applying for credit a simple and streamlined process, reducing the risk of data breaches and minimizing costs associated with customer on-boarding, compliance, and fraud prevention. Journey helps you customize flows quickly, increase customer conversion rates, and close loans faster

For more information, please contact partnerships@bloom.co.

Experience the Bloom difference, download the Bloom mobile app today.

About Bloom

Bloom is a blockchain solution for identity security and cross-border credit scoring, restoring ownership and control of identity information and financial data back to consumers. By decentralizing the way that information is shared between untrusted parties, the system reduces the risk of identity theft and minimizes costs associated with customer on-boarding, compliance and fraud prevention.

To learn more about the latest with Bloom:

Massive Data Leak Exposes Millions of Loan and Mortgage Documents
Share this