Largest Breach in Years

2008-08-26

In 2006, Countrywide Financials Mortgage Banking segment financed 20% of all mortgages in the United States, at a value of about 3.5% of United States GDP, a portion greater than any other single mortgage lender. Countrywide Financials stock has been described as the "23,000% stock" by Fortune magazine. Between 1982 and 2003, Countrywide delivered investors a 23,000% return, exceeding the returns of Washington Mutual, Wal-Mart, and Warren Buffet's Berkshire Hathaway. - Wikipedia.

Earlier this month, two men were arrested for stealing and selling the personal data belonging to an estimated 2 million of Countrywide's mortgage applicants. One of the men, Rene L. Rebollo, is a former employee at Countrywide. He worked as a senior financial analyst at Full Spectrum Lending, Countrywide's subprime lending division, and was charged with unauthorized access to a financial institutions computer. Another man was also arrested, Wahid Siddiqi, for re-selling the Countrywide data stolen by Rebollo.

The Los Angeles Times reported, "In an affidavit filed in federal court, the FBI said Robello had voluntarily described the scheme. Rebello said he would charge $400 or $500 for batches of thousands of 'leads' - personal and account information that presumably would help outside loan agents solicit new mortgages from the Countrywide applicants, some of whom had been denied loans by the Calabasis company."

According to an affidavit by FBI Special Agent Richard P. Ryan, "Rebello would copy information on about 20,000 customers at a time on Sunday nights by using a Full Spectrum computer that did not have the same security features that other machines in the office had."

The U.S Attorney's Office stated, "At that rate, Rebello would have compromised up to 2 million customer profiles for about 2.5 cents each - an astonishingly small amount considering the importance of the material. Mortgage leads are among the most expensive for sale because of the potential payoffs to intermediaries when loans are made."

The sensitive information being stolen involved phone numbers, addresses, and Social Security numbers. Beth Givens, Director of the non-profit Privacy Rights Clearinghouse, said, "It's the potential for new account fraud that arises when Social Security accounts are compromised. That's the most serious kind of financial identity theft because large amounts can be involved and the fraud is more difficult to detect than it is on pre-existing accounts."

To read the entire Los Angeles Times article, go here.