[BreachExchange] Man arrested over leaking 100, 000 home loan customers' private data
Destry Winant
destry at riskbasedsecurity.com
Thu Oct 3 01:55:31 EDT 2019
https://au.finance.yahoo.com/news/man-arrested-over-leaking-100000-home-loan-customers-private-data-031224645.html
An IT contractor has been arrested over a data breach that saw
thousands of Australian home loan customers' details splashed all over
the dark web.
NSW police raided the man's home and a data centre in the inner west
of Sydney on Wednesday morning.
The 49-year-old was arrested in downtown Sydney at 8am, with charges
expected to follow later in the day.
In February, many home loan providers, including all four major banks,
were forced to scramble after property evaluation firm Landmark White
disclosed that the private details of thousands of customers had been
leaked.
The ASX-listed company, which provides evaluation services for banks
when a customer submits a home loan application, had not known about
the breach until real estate research firm CoreLogic notified it.
Then in March the leaked data appeared on the dark web – a
hard-to-access corner of the Internet frequented by those who want to
be anonymous, often so they can conduct shady, and sometimes illegal,
activities.
Landmark White never disclosed the exact number of home loan customers
were affected, but Fairfax Media has reported it as around 100,000.
NSW Police stated 170,000 records were stolen.
"We understand that the dataset contained property valuation and some
personal contact information of borrowers, lenders, homeowners,
residents, and property agents, including first and last name,
residential address, and contact numbers," stated LandMark.
"The dataset also includes commentary about the property, relevant to
its overall valuation."
DoorDash hack leaks data of nearly 5m people
DoorDash is facing new scrutiny as the food-delivery company says it
was the victim of a data breach that exposed the information of nearly
5 million users. Yahoo Finance's Kristin Myers and Emily McCormick
discuss with The King's College Business and Finance Program Chair,
Brian Brenberg.
When the breach first became known, all four of the big banks
suspended its use of Landmark White.
Landmark White stated Wednesday that it was "pleased to advise" of the arrest.
"Investigations have revealed that the breach was carried out by an
individual external to the company with trusted inside access, and the
circumstances suggest that this person deliberately targeted LMW with
an intent to damage our business and reputation.
"We are working with the [NSW Police] Cybercrime Squad to understand
the motives for these actions."
The company stated that "a number of financial institutions" have
removed their suspension.
More information about the BreachExchange
mailing list