A massive data leak of mortgage and loan data has exposed highly sensitive information from tens of thousands of people who obtained loans and mortgages over the past decade. The leaked documents include financial agreements between those seeking credit and several banks and finance companies. According to published reports, some of those financial institutions include Capital One, Wells Fargo, and some federal loan groups.
Some of the documents were loans and mortgage agreements from banks and financial institutions across the U.S. Others were documents from the U.S. Department of Housing and Urban Development. Names, addresses, phone numbers, and Social Security numbers were discernible on items like W-2 tax forms and loan repayment schedules. One trove containing the original documents and another containing scanned copies in a computer readable format were found on unprotected servers.
It is unknown how long the documents were left exposed or who may have accessed them. The source of the leaking database appears to be a Texas-based data and analytics company called Ascension. Ascension has in turn blamed New York-based document management startup OpticsML, one of its vendors, as mishandling the data. OpticsML’s website has been pulled offline and the listed phone number has been disconnected.
The files were comprised of over a decade of information so some of the information may no longer be usable for hackers and other criminals. The number of people affected remains unknown and there does not seem to be an automatic way to check whether or not a particular person’s data has been exposed. The financial institutions with exposed documents have reportedly been notified and it is very likely that they will begin contacting affected parties in the near future.