Sunday, August 10, 2008

IT Security Oversight May Have Enabled Countrywide Data Breach

Nancy Gohring writes on ComputerWorld:

A former employee accused of stealing customer data from Countrywide Financial Corp. may have been able to download the information to a thumb drive because of an oversight by the home mortgage lender's IT department.

Rene Rebollo, a former financial analyst at Countrywide, was arrested Aug. 1 in Pasadena, Calif., for allegedly stealing and selling the data, which included names, Social Security numbers and contact information.

According to affidavits filed in U.S. District Court in Los Angeles, Rebollo told FBI agents that most of the computers in the office where he worked had a security feature that prevented the use of thumb drives -- but he had found one system that didn't.

He estimated that he downloaded about 20,000 customer profiles weekly over two years, according to the affidavits.

More here.


Post a Comment

<< Home