Over 24 million mortgage documents were exposed this month for an extended period of time. The security lapse was first reported by Zack Whittaker of TechCrunch Wednesday afternoon who assisted Bob Diachenko in tracing the leak back to Ascension.
“On January 15, this vendor learned of a server configuration error that may have led to the exposure of some mortgage-related documents,” said Campbell. “The vendor immediately shut down the server in question, and we are working with third-party forensics experts to investigate the situation. We are also in regular contact with law enforcement investigators and technology partners as this investigation proceeds.”
Ascension, a Fort Worth, Texas-based company that provides data and analytics to the financial services industry, left a server unprotected for more than two weeks. TechCrunch reported that the unprotected online server that didn’t have a password is the cause of the leak. During that two week timeframe, massive amounts of sensitive mortgage data were released, including highly personal information like social security numbers, names, addresses, financial information, and other documents linked to the mortgage approval process. The Ascension server had more than a decade’s worth of data containing documents, processed using OCR, that were linked to Citigroup, Capital One, Wells Fargo and even the Department of Housing and Urban Development.
Ascension’s parent company Rocktop Partners owns more than 46,000 loans worth $4.4 billion. Ascension will be contacting the affected individuals. In the meantime, if you suspect your personal information has been compromised, freeze your credit, monitor all of your accounts, and increase your account security with a two-factor authentification.