The man accused of stealing customer data from Countrywide might have been able to download data to an external drive
CALABASAS, CA – The man accused of stealing customer data from home mortgage lender Countrywide was probably able to download and save the data to an external drive, due to an oversight by the company's IT department.
On August 1, Rene Rebollo, a former senior financial analyst at Countrywide, was arrested for his alleged role in stealing customer data and selling it.
Rebollo told US Federal Bureau of Investigation agents that he had known that the computers in the Countrywide office had security features that restricted downloads of data to an external source, but that he had found one that didn’t. FBI affidavits show Rebollo admits collecting names on request by his buyers and downloading them onto his personal thumb drive using that one computer in the office. Rebollo might have specifically collected names of people who recently declined an offer of a loan by Countrywide, for example.
The accused estimates that, over a two-year period, he downloaded approximately 20,000 customer profiles each week and sold files with that many names for US$500, according to the affidavit. The profiles included Social Security numbers and other personal details.
Countrywide's owner, Bank of America, has not responded to a request for information about the type of security it employs to prevent this type of theft. According to a statement from the FBI last week, Countrywide says it is analysing the stolen data to determine whether any customer identities have been compromised. If they have, the company says it will notify the customers affected.
More on Regulation
Foreign CCPs may get surprise grace period
Banker behaviour remains in the spotlight after recent rule proposals
Benefits depend on "safe space" for mistakes and questions, seminar hears
Graduates must be warned of the serious risks of market abuse
Sign up for Risk.net email alerts
Watch highlights of this year's London conference
Operational risk and the challenges of defining and dealing with conduct risk
Watch discussions and speakers from our North America conference
In the February 2014 editorial video, OpRisk's latest industry survey finds room for improvement in risk management
There are no comments submitted yet. Do you have an interesting opinion? Then be the first to post a comment.