Would a Data Leak Expose Your Bank Loan and Mortgage Information?

    Would a Data Leak Expose Your Bank Loan and Mortgage Information?

    We live in an era of increasing data insecurity, with data breaches and leaks a common occurrence, and reports of identity theft growing year on year. One question netizens have been asking online is what this threat environment means for loan and mortgage information. Read on for our take. 

    Data Leaks: Bank Loan and Mortgage Information 

    Bank loan and mortgage information is a common target in data-based cyberattacks. In recent years, we’ve seen several such leaks that together constituted tens of millions of banking records, including loan and mortgage data. The first of these was uncovered in 2019, and revolved around the data company, Ascension, having its systems breached. Clients of Ascension involved such giants as Wells Fargo, Citigroup, and HSBC; 24 million records were left exposed for over two weeks, with the data including: 

    • mortgage agreements,  
    • tax documents,  
    • and repayment schedules. 

    Shortly after this, another trove of documents (23,000 pages long) was discovered on an unprotected Amazon server. This data was a goldmine for fraudsters and included: 

    • Social Security numbers,  
    • bank account numbers and balances 
    • home addresses,  
    • tax forms, 
    • and income/asset data. 
    Bank loan and mortgage information may be exposed in data leaks

    Fast forward to 2021, and another data leak hit the news. This involved Nations Reliable Lending (NRL), a well-known residential mortgage company. Over 3 million records were discovered on a non-password protected database. While loan and mortgage data remained encrypted, a huge amount of internal and administrative data was exposed, with the latter potentially able to be used to access more sensitive data.  

    More recently, Citywide Home Loans, a mortgage company that operates in 25 states, settled in a $1.2 million data breach lawsuit, after being accused of negligence that led to a breach back in 2020. The compromised data in that incident included: 

    • names and addresses,  
    • phone numbers,  
    • dates of birth,  
    • Social Security numbers,  
    • passport numbers,  
    • driver’s license numbers,  
    • credit card information,  
    • bank account information,  
    • and medical/insurance information. 

    Citywide Home Loans denied liability, but decided to settle in the hope of putting an end to the claims. Taken together, the above incidents show how sensitive mortgage and loan data really is. Even when such data is not specifically affected, other data can act as a kind of bread crumb trail leading to a victim’s mortgage and loan information. Mortgages and loans can also be leveraged by cybercriminals in identity theft attacks. It’s important therefore, that citizens keep on top of their data security and know the warning signs to look out for. 

    Seven Warning Signs of Identity Theft 

    1. A tax return is filed under your name without your authorization. 
    2. Mail is addressed to your home but to another person. 
    3. Debt collectors get in touch regarding accounts you don’t recognize. 
    4. Your information was leaked in a data breach. 
    5. You are billed for medical services you never used. 
    6. You spot a new account in your name that you didn’t open. 
    7. The IRS get in touch to inform you that you’re Social Security card is being used fraudulently. 

    Top Tips for Staying Protected 

    1. Stay on top of bills: Know what you owe and when it’s due. If you stop receiving a bill, and it wasn’t you that made this change, this could be a red flag that someone has changed your billing address. Similarly, if you receive new bills, which you didn’t sign up for, an identity thieve may be using your personally identifiable information (PII). 
    2. Bank statements: You should regularly review your bank account statements. If you see a transaction that you don’t recognize, it could be a sign that your identity has been stolen. 
    3. Credit report: You should also check your credit regularly. To do so you’ll need to request a report from the three credit-reporting bureaus (Equifax, Experian, and TransUnion). Your credit score isn’t enough to ascertain if you’re identity has been stolen; you’ll need the full report to check for unknown accounts and transactions, and to look for any false information. For a guide on how to do this, head over here

    Protecting Your Identity and Personal Info 

    Compromised personal data can have serious consequences, including identity theft, financial fraud, and job losses. The best thing you can do is a) have reliable cybersecurity protection, and b) ensure you will find out ASAP in the event of being affected. We would encourage readers to head over to our new FREE ID Protection platform, which has been designed to meet these challenges.  

    ID Protection Homepage
    ID Protection Homepage

    With ID Protection, you can: 

    1. Check to see if your data (email, number, password, credit card) has been exposed in a leak, or is up for grabs on the dark web; 
    2. Secure your social media accounts with our Social Media Account Monitoring tool, with which you’ll receive a personalized report; 
    3. Receive the strongest tough-to-hack password suggestions from our advanced AI (they’ll be safely stored in your Vault); 
    4. Enjoy a safer browsing experience, as Trend Micro checks websites and prevents trackers. 

    All this for free — why not give it a go today? As always, we hope this article has been an interesting and/or useful read. If so, please do SHARE it with family and friends to help keep the online community secure and informed — and consider leaving a like or comment below. Here’s to a secure 2023! 

    Post a comment

    Your email address won't be shown publicly.


      This website uses cookies for website functionality, traffic analytics, personalization, social media functionality and advertising. Our Cookie Notice provides more information and explains how to amend your cookie settings.