In the latest data-security news, researchers found that about 24 million financial documents from U.S. banks were exposed and accessible online, stored in databases without password protection.
Some of the exposed data included Social Security numbers, names, addresses and checking account numbers. It’s suspected that the data exposure only lasted about two weeks, and there have been no reports of malicious activity using the exposed information, but the scale of this lapse is a reminder to safeguard your data.
Working with TechCrunch, independent security researcher Bob Diachenko discovered the security flaw on January 10, and traced it back to Ascension, a data and analytics company working with financial institutions to convert paper records to a computer-readable format.
The exposed data was stored on a server that wasn’t password protected, meaning anyone with the know-how could have accessed it.
Ascension has stated that the database in question was shut down on January 15, after it was alerted to the security vulnerability. But some of these original loan and mortgage documents may also have been exposed in a separate unprotected database used by a vendor working with Ascension, OpticsML, and it’s unclear if anyone accessed the documents there.
This latest instance of exposed data is a timely reminder that your information isn’t always properly safeguarded by third parties. Here are some tips to help you keep your data more secure online.
- Keep passwords secure. Even though there haven’t been any reports of data misuse following this data leak, it serves as a reminder that your information can be vulnerable online. It’s a good idea to make sure you don’t use the same password in multiple places. If you need help remembering your various passwords, consider using a password manager.
- Add multifactor authentication. Even if you have a strong password, some websites may not have secure data-storage methods. For an added layer of protection, think about enabling two-factor authentication on any site or account that offers it.
- Monitor your credit reports and consider locking or freezing your credit. Both locks and freezes can help prevent new accounts from being opened in your name. You can ask the three major consumer credit bureaus — Equifax, Experian and TransUnion — to freeze or lock your credit reports at any time.
As a Credit Karma member, you can track your credit lock status with Equifax and TransUnion using our Identity Monitoring tool. And you can enable our free credit monitoring service and we’ll notify you if we notice important changes on your Equifax or TransUnion credit reports so that you can check for suspicious activity.