
IT weakness might have allowed Countrywide security breach
Daily news headlines
CALABASAS, CA – The man accused of stealing customer data from home mortgage lender Countrywide was probably able to download and save the data to an external drive, due to an oversight by the company's IT department.
On August 1, Rene Rebollo, a former senior financial analyst at Countrywide, was arrested for his alleged role in stealing customer data and selling it.
Rebollo told US Federal Bureau of Investigation agents that he had known that the computers in the Countrywide office had security features that restricted downloads of data to an external source, but that he had found one that didn’t. FBI affidavits show Rebollo admits collecting names on request by his buyers and downloading them onto his personal thumb drive using that one computer in the office. Rebollo might have specifically collected names of people who recently declined an offer of a loan by Countrywide, for example.
The accused estimates that, over a two-year period, he downloaded approximately 20,000 customer profiles each week and sold files with that many names for US$500, according to the affidavit. The profiles included Social Security numbers and other personal details.
Countrywide's owner, Bank of America, has not responded to a request for information about the type of security it employs to prevent this type of theft. According to a statement from the FBI last week, Countrywide says it is analysing the stolen data to determine whether any customer identities have been compromised. If they have, the company says it will notify the customers affected.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe
You are currently unable to print this content. Please contact info@risk.net to find out more.
You are currently unable to copy this content. Please contact info@risk.net to find out more.
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@risk.net
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@risk.net
More on Regulation
SEC may lack legal clout to impose new dealer rule – Citadel
Adoption of quantitative dealer definition may require congressional changes to US Securities Exchange Act
US Basel endgame hits clearing with op risk capital charges
Dealers also fret about unlevel playing field compared with requirements in the EU
CFTC’s clearing house recovery rule splits industry
Some fear CCPs will fast-track recovery, others say any rule book will be ignored in emergency
EU banks ‘will play for time’ in stand-off over India’s CCPs
Lawyers say banks are unlikely to set up subsidiaries and will instead pin hopes on revised Emir fix
ECB mulls intervention on uneven banking book reporting
Inconsistency among EU banks on whether deposits and loans are in scope for credit spread risk
Iosco warns of leveraged loan ‘vulnerabilities’
As recovery rates plummet, report calls for clearer covenants and more transparency on addbacks
Narrow path to compromise on EU’s post-Brexit clearing rules
Lawmakers unlikely to support industry demand to delete Emir active accounts proposal altogether
The Fed’s stress test models are inaccurate. Something has to change
First step for US regulator to improve its bank loss forecasts would be to open up its models to public scrutiny, argue two banking industry advocates