First American data leak potentially exposes millions
- Auto/Toy Loans
- Home Loans
- Money Talk
- Money Tips
- Numerica News
- Recent Stories
The website for First American Financial Corp. [NYSE:FAF], a Fortune 500 real estate title insurance giant, potentially leaked hundreds of millions of documents related to mortgage deals going back to 2003, reported by KrebsOnSecurity.
At this time, the story is still developing, and it has not been confirmed what information has been breached through the First American website. We are monitoring the situation in order to provide you with up-to-date information.
Information potentially accessed includes names, Social Security numbers, birth dates and addresses. In some cases, driver’s license numbers, and credit card numbers could be attained as well.
The data leak was first discovered by a real estate developer in Washington State, Ben Shoval, who found that a portion of First American’s website (firstam.com) was leaking tens if not hundreds of millions of records. The exposed website has since been disabled.
“We are currently evaluating what effect, if any, this had on the security of customer information. We have hired an outside forensic firm to assure us that there has not been any meaningful unauthorized access to our customer data,” First American said in an emailed statement.
How does this affect you?
First American is in the process of determining the extent of this potential breach. To be clear, they are not aware if they have been hacked.
The weakness in their website could have exposed millions of files to phishers and scammers involved in so-called Business Email Compromise (BEC) scams, which often impersonate real estate agents, closing agencies, title and escrow firms in a bid to trick property buyers into wiring funds to fraudsters. According to the FBI, BEC scams are the most costly form of cybercrime today.
What are the best ways to protect my accounts from fraud?
There are several things you can do to make your accounts safer including:
- Being mindful on social media
- Using strong and unique passwords
- Monitoring your credit report
- Keeping an eye on your account
- Watch out for skimmers (Skimmers are external devices that fit over legitimate transaction sites like ATMs or gas station pumps)
Don’t be hooked by a phishing scam!
Some tell-tale signs to look for when determining if an email is a phishing attempt are:
- Generic greeting or not addressed to you (although this is not always the case)
- Poor grammar and punctuation
- The sending email does not use a correct domain after the “@”
- The email asks you to link to a webpage that does not have the correct domain or isn’t the real company’s web site
- The web address doesn’t use “https” (secure connection)
Check your credit score
Review your credit reports annually. The FACT Act allows you to receive a free credit report every year from each of the three major credit reporting agencies. Now is the perfect time to order your free annual credit report.
Review your accounts online
People who monitor their financial accounts and transactions online lose significantly less per fraud incident than those who rely on paper statements. Use Numerica’s Online Banking to regularly review your accounts.
Create enhanced ID questions
If the same questions used to identify you when you log into your account can be answers that you easily give out unknowingly on social media, it’s time to change them. You can do this by visiting a Numerica branch.
When you can, choose your own security questions. Select questions that are complex and not easy to find on your social pages. As a good test, scroll through your pictures and posts or do a quick Google search to see if you could answer these common security questions?
- Mother’s maiden name
- Pet’s names
- The city you met your spouse
- Your birthday. 68 percent of people shared their birthday and even if you don’t share it, friends and family might wish you a happy birthday on your wall.
Make sure the kids are safe
Children make an ideal target for identity theft for two reasons:
- Social Security numbers for minors are issued when they are born and then spend years in dormancy. This time of non-activity gives the thief years of use that can go undetected.
- Kids make easy targets
Freeze your credit
Enacting a credit freeze does not affect your current accounts. You can still use your credit card and use Bill Pay.
A credit freeze means potential creditors can’t get your credit report, making it less likely for new accounts (loans, credit cards, etc.) to be opened in your name.
If you discover fraudulent activity, you can freeze your credit. There is no cost to place a freeze.
Putting a credit freeze on your credit file does not affect your credit score.
At Numerica, we understand that a situation like this creates stress and anxiety about the safety of your account information.
If you have further questions about this or any other correspondence that looks suspicious, please visit your favorite branch or call us at 800.433.1837.
If you have been a victim of identity fraud, contact our Fraud Department at 800.433.1837 ext. 8333.