Millions of mortgage and loan documents leak their way online
- A massive leak of loan and mortgage data was discovered.
- Tens of thousands of US borrowers have had their information exposed.
Millions of mortgage and loan documents with sensitive financial data on tens of thousands of individuals were found exposed on a server without a password.
The trove included 24 million financial and banking documents, representing tens of thousands of loans and mortgages from some of the biggest banks in the U.S.
What happened: TechCrunch traced the source of the data to a password-less server in Texas that belonged to data and analytics company, Ascension (which promptly blamed a vendor).
The unprotected server had more than a decade’s worth of data, including loan and mortgage agreements, repayment schedules and financial and tax documents.
What leaked: One of the services Ascension offers is the conversion of paper documents and handwritten notes into computer-readable files, known as OCR. The documents were in OCR format and were hard, but not impossible, to read. Personally-identifiable information like names, addresses and Social Security numbers were exposed.
A researcher found similar data exposed on an AWS server.
Ascension’s parent company is Rocktop Partners, which owns more than 46,000 loans worth $4.4 billion.