Countrywide loses personal data in insider scam

Share this article:

A former Countrywide Home Loans employee was one of two California men charged in a scam to steal and sell personal data of customers.

Rene Rebollo Jr. of Pasadena was charged with exceeding authorized access to Countrywide's data, and Wahid Siddiqi of Thousand Oaks was accused of fraud. 

Rebollo are accuse of downloading information of 20,000 customers once a week for two years, then selling the identity batches to a third party for $500.  According to public reports, Countrywide spokesperson Susan Martin said 19,000 customers have been notified that their identities may have compromised.

This was a monitoring breakdown on many levels, Michael Maloof of TriGeo Network Security told SCMagazineUS.com on Monday.

“The data access alone is a classic example of what I'd call privileged abuse,” Maloof said. “This gentleman had legitimate reasons to access this data, but not on Sunday and not to download 20,000 records at a time. Simple monitoring should have caught this.”

Maloof also questioned the IT security policy of letting someone use an USB or external storage device, as Rebollo was alleged to use.

“It would be a reasonable use entirely, but at the very least there should be monitoring of the type of information that is being downloaded to external devices,” Maloof said. 

Gartner analyst Avivah Litan told SCMagazineUS.com that she is concerned that this type of data theft is more pervasive than is generally realized.

“One company, in this case Countrywide, is getting the headlines,” she said, “but this could be a rampant practice throughout the industry.”

 

Share this article:

Sign up to our newsletters

More in News

Latest Citadel trick allows RDP access after malware's removal

Latest Citadel trick allows RDP access after malware's ...

Trusteer, an IBM company, said the new Citadel configuration was detected this month.

Cryptoblocker variant emerges, encryption differs from CryptoLocker

Trend Micro has detected a variant of CryptoLocker in the wild that relies on the advanced encryption standard.

Jimmy John's sandwich chain investigating possible breach

Some financial institutions have indicated that credit cards recently used at Jimmy John's locations have been used to make fraudulent purchases.