Data Breach Reveals Tech Players in Storage and Manipulation of Documents

I often find clues to the “who” question of reporting in little known articles about data breaches. We find in this article the names of players who have vanished or still exist with data breaches allowing anyone to view tens of millions of mortgage loan files on servers that, among other things, change the images to documents in which the writing can be changed or lifted to create another document.

My take is that this information was released to portray the banks as victims or perhaps negligent instead of acting intentionally to fabricate, alter or change documents for different purposes.

see Data Breaches at Unknown Companies

So what is being portrayed as a data breach might be a contrived plan to distract attention from the ongoing activities that lead to (1) illegal sales of “mortgage-backed securities” that are not actually backed by mortgages, (2) illegal sale of loan products that are/were guaranteed to fail and (3) illegal foreclosures.

The following are relevant quotes from the article. I have made the name BOLD so readers can perform further research and investigation and hopefully report back to us on their findings:

The server, running an Elasticsearch database, had more than a decade’s worth of data, containing loan and mortgage agreements, repayment schedules and other highly sensitive financial and tax documents

It’s believed that the database was only exposed for two weeks — but long enough for independent security researcher Bob Diachenko to find the data. At first glance, it wasn’t immediately known who owned the data. After we inquired with several banks whose customers information was found on the server, the database was shut down on January 15.

With help from TechCrunch, the leak was traced back to Ascension, a data and analytics company for the financial industry, based in Fort Worth, Texas. The company provides data analysis and portfolio valuations. Among its services, the Ascension converts paper documents and handwritten notes into computer-readable files — known as OCR.

TechCrunch has learned that the vendor is New York-based company OpticsML. Efforts to reach the company were unsuccessful. Its website is offline and its phone number was disconnected from service.

the documents pertain to loans and mortgages and other correspondence from several of the major financial and lending institutions dating as far back as 2008, if not longer, including CitiFinancial, a now-defunct lending finance arm of Citigroup, files from HSBC Life Insurance, Wells Fargo, CapitalOne and some U.S. federal departments, including the Department of Housing and Urban Development.

the database stored documents in a random order, and were not easily followable or presented in an easy to read or formatted way, making it difficult to follow from one document to another,

Dozens of other companies are affected, including smaller regional banks and larger multinationals.

A Wells Fargo spokesperson said the data was obtained by Ascension from other entities that purchased Wells Fargo mortgages. HSBC said it was investigating if any of its customers’ data, including past customers, and confirmed it had “no vendor relationship with Ascension since 2010.” When reached, CapitalOne did not comment at the time of publication. A Housing and Urban Development spokesperson did not respond to a request for comment.

3 Responses

  1. Reblogged this on Deadly Clear.

  2. I knew that Cloud storage was a bad idea the day I first heard of it.

  3. WellsFargo denied my 🏠 Modification saying “we did not like your previous history mortgage” I guess what they meant they regret for not stealing my home previously when I tried to modify toward the end they gave me 5 days pay or foreclosed! But this time wf did not give me chance to pay instead they betrayed me to another servicer BSI they r collection was no chance to catch up w their game
    What else @WellsFargo did not commit crime?

Contribute to the discussion!

%d bloggers like this: