[BreachExchange] San Diego County Bank May Have Left Millions Of Customers’ Data Exposed

Destry Winant destry at riskbasedsecurity.com
Tue Aug 6 10:17:19 EDT 2019


A local San Diego bank may have left around a million pieces of its
customers’ financial data exposed to the public. News of the incident
comes just days after a national data breach from the bank Capital

Vice News reported that the Bank of Cardiff, a Del Mar located finance
and loan business, left an online Amazon storage service filled with
recorded phone calls between employees and customers completely
exposed to the public.

KPBS reached out to the bank for phone comment, but was turned away.
When a KPBS reporter went in person to the bank, an executive there
refused to comment and slammed the door shut.

According to Vice, which had access to the data, the storage service
included sensitive personal information like phone numbers and names.
It transcribed one of those phone calls, as seen below.

"I'm calling in regards to a business loan that the business took out
with [redacted company's name] back in 2013. [Redacted name] is the
point of contact; is he the only owner?" the Bank of Cardiff employee
said in the recording.

News of the incident came Thursday, the same day San Diego hosted a
Cybersecurity Conference, where industry leaders said threats like
this to personal data are increasingly common, especially with so many
actors involved in security.

More information about the BreachExchange mailing list