Exploit: Unsecured Database
MAXEX: Loan Trading
Risk to Small Business: 1.772 = Severe
Georgia-based home loan trader MAXEX had a data disaster this week as an estimated 9GB of data leaked from a suspected insecure server. Some of the data is from backend software development for its loan-trading platform. But a substantial portion included confidential banking documents, system login credentials, emails, the company’s data breach incident response policy, and cybersecurity readiness reports. The breach also exposed complete mortgage documentation for at least 23 individuals in New Jersey and Pennsylvania. The incident investigation is ongoing.
Individual Risk: 2.011 = Severe
Financial information for clients was leaked, opening customers up to identity theft concerns. Some impacted clients had no idea that MAXEX currently had their loan, creating complications for informing customers who may be affected. Consumers should check to see who is servicing their mortgage and take precautions against identity theft and spear phishing if that provider is MAXEX.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Sloppy security can mean that if you do have an incident like a data breach, you might not even know where to start looking for the cause, putting your business at risk for an expensive investigation in addition to a data disaster.