by Martin Edwards
Insider data loss
It's reported that US home mortgage lender Countrywide suffered insider data loss when an employee copied confidential data onto a flash drive.
The FBI arrested Rene L. Rebollo Jr., who had worked as a senior financial analyst at Full Spectrum Lending, Countrywide's subprime lending division, on Friday, and a suspected accomplice.
The security breach lasted two years and was detected in July. The identity theft scheme was designed to copy and sell on up to 2 million mortgage holders' details including their social security numbers.
It is thought that target customers for the data, which included mortgage application rejects, could have included other mortgage suppliers, as well as identity theft fraudsters needing social security numbers to open bank accounts.
Apparently Countrywide had a computer with lax insider data loss pevention controls. Its USB port was an open door through which up to 20,000 account details flowed at a time.