Countrywide loses personal data in insider scam

Share this article:

A former Countrywide Home Loans employee was one of two California men charged in a scam to steal and sell personal data of customers.

Rene Rebollo Jr. of Pasadena was charged with exceeding authorized access to Countrywide's data, and Wahid Siddiqi of Thousand Oaks was accused of fraud. 

Rebollo are accuse of downloading information of 20,000 customers once a week for two years, then selling the identity batches to a third party for $500.  According to public reports, Countrywide spokesperson Susan Martin said 19,000 customers have been notified that their identities may have compromised.

This was a monitoring breakdown on many levels, Michael Maloof of TriGeo Network Security told on Monday.

“The data access alone is a classic example of what I'd call privileged abuse,” Maloof said. “This gentleman had legitimate reasons to access this data, but not on Sunday and not to download 20,000 records at a time. Simple monitoring should have caught this.”

Maloof also questioned the IT security policy of letting someone use an USB or external storage device, as Rebollo was alleged to use.

“It would be a reasonable use entirely, but at the very least there should be monitoring of the type of information that is being downloaded to external devices,” Maloof said. 

Gartner analyst Avivah Litan told that she is concerned that this type of data theft is more pervasive than is generally realized.

“One company, in this case Countrywide, is getting the headlines,” she said, “but this could be a rampant practice throughout the industry.”


Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters


More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.