Two redacted files among millions of mortgage and financial documents found on the exposed server (Image: TechCrunch)
The Federal Trade Commission has approved a settlement with a mortgage data analytics firm for a 2019 security lapse that exposed millions of sensitive mortgage documents containing private information of thousands of Americans.
The settlement, announced late December, orders the Texas-based firm Ascension to strengthen its security practices and ensure that its vendors also maintain proper data security safeguards. The order comes two years after a TechCrunch investigation found that OpticsML, a New York-based vendor working for Ascension, left a database of highly sensitive financial data exposed to the internet without a password.
The FTC accused Ascension of failing to ensure that its vendors were complying with data security safeguards as required by the Gramm-Leach Bliley Act’s Safeguard Rule.
Much of the 24 million records exposed by the security lapse include …
