First American Financial Exposed 885 Million Sensitive Files Online

A recent report revealed a major data leakage incident compromising the security of sensitive records. The victim firm was “First American Financial Corporation” whom inadvertently exposed hundreds of millions of sensitive files publicly. The incident happened due to a flaw in their website.

First American Financial Corp. Exposed Huge Data

As disclosed by KrebsOnSecurity, a Fortune 500 firm ‘First American Financial Corporation’ emerged as the recent victim of data leakage. The firm accidentally exposed huge records online due to a glitch in their website.

The incident first caught the attention of a real estate developer who then contacted KrebsOnSecurity and shared his findings. He found that a slight modification of the website’s URL could let any visitor view any document. As stated by Krebs,

Anyone who knew the URL for a valid document at the Web site could view other documents just by modifying a single digit in the link. And this would potentially include anyone who’s ever been sent a document link via email by First American.

Krebs validated the developer’s findings and found that the firm’s website exposed nearly 885 million files. These documents date back to 16 years ago, as the oldest document referred to a 2003 transaction. Accessing these files required no authentication. Precisely, anyone having an internet connection could view those files simply by visiting the firm’s site.

Regarding the kind of information exposed, Krebs stated,

The digitized records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images — were available.

Vulnerability Now Patched

Allegedly, the real estate developer, Ben Shoval, who first noticed the glitch attempted to contact First American Financial Corp. However, upon receiving no response, he involved Krebs to handle the matter. As the researcher confirmed the vulnerability and data exposure, he reported it to the firm. Consequently, the firm rectified the matter on Friday, May 24, 2019.

First American firm did not comment about the precise number of leaked records, nor did they state anything about the duration of the incident in their statement. Nonetheless, the researcher could confirm that the documents remained exposed since March 2017 (as evident by archive.org).

In a statement regarding the matter, a First American spokesperson told,

First American has learned of a design defect in an application that made possible unauthorized access to customer data… The company took immediate action to address the situation and shut down external access to the application. We are currently evaluating what effect, if any, this had on the security of customer information. We will have no further comment until our internal review is completed.

However, it remains unconfirmed if any bad actor had accessed this data before the report.

First American Financial Corporation is a Fortune 500 California-based company providing title insurance and settlement services to mortgage and real estate industries.

Related posts

ZenHammer Memory Attack Exploits Rowhammer Against AMD CPUs

Sign1 Malware Targeted Over 2500 WordPress Sites In Recent Campaign

Unsaflok Flaws Allow Unlocking Saflok Door Locks With Forged Cards