Countrywide data breach's reach expands exponentially

["Richard M. Smith" <rms () computerbytesman com>]

http://www.boston.com/business/articles/2008/09/18/countrywide_data_breachs_
reach_expands_exponentially?mode=PF

Countrywide data breach's reach expands exponentially
By Angel Jennings, Globe Correspondent  |  September 18, 2008

More than 45,000 Massachusetts consumers may have had personal information
stolen in the security breach at Countrywide Financial Corp. , according to
the company.

Countrywide alleged that a former employee sold personal information of 2.2
million customers, including Social Security numbers and mortgage loan
numbers, to a third party. Two arrests have been made.

The number of affected consumers in Massachusetts is far greater than
initially thought. On Aug. 1, in a letter to Daniel Crane, director of the
state Office of Consumer Affairs and Business Regulation, Countrywide said
it mailed notification letters to "three affected Massachusetts consumers."

On Sept. 10, the California mortgage lender sent a second letter, saying
that "as a result of the ongoing investigation," Countrywide had identified
45,283 at-risk consumers in Massachusetts. State law requires agencies that
store consumers' personal information to issue notifications of security
breaches "as soon as practicable and without unreasonable delay."

According to FBI reports, Countrywide fired the accused employee, Rene
Rebollo Jr., in July. Rebollo allegedly confessed to downloading 20,000 data
files per week for two years, and said he earned as much as $70,000 from the
sale of the data. Wahid Siddiqi is being charged for allegedly purchasing
the information.

...

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.