Elevating mortgage servicing through strategic outsourcing: A path to efficiency and growth
AI Summit On Demand
Free Webinar: 4X Your Real Estate Business with Jason Mitchell, America's #1 Broker
Buyer advocacy and beyond with Realtor.com CMO Mickey Neuberger
MortgageReverse

Over 70% of Mortgage Lenders Risk Data Breach

A stark majority of mortgage lenders large and small risk their clients’ financial information falling into the wrong hands, according to one cybersecurity firm’s  investigation.

Over 70% of mortgage lenders had information sharing practices in place that put their financial and personal data of their clients at risk, says a recent report from HALOCK Security Labs.

HALOCK investigated 63 U.S. mortgage lenders and found that over 45 of them allowed applicants to send personal and financial information over unencrypted email as email attachments. 

The cybersecurity firm also discovered that eight of the eleven top U.S. lenders allowed the same unsecure practices as smaller lenders. 

Such practices included faxing and mail-in options to transmit sensitive data such as tax documents and W-2’s.

The investigation found that nearly 70% of the surveyed lenders encouraged faxing sensitive data, while 40% provided a postal mail option. Only 12% of lenders offered a secure email portal.  

When asked why a secure email portal was not offered to applicants, several of the lenders surveyed by HALOCK responded that it was a matter of that the customer was “most comfortable with.”

“Oftentimes it was easier to have my clients send documents like W-2’s through email because everyone has access to an email account,” said one former mortgage lender HALOCK quoted anonymously. “Most of us [lenders] didn’t want to take the time to explain what a secure portal was and how to use it. Everyone understands what email is.

But email is not as secure as some might think, suggests Graham Cluley, publisher of Graham Cluley Security News, to HALOCK. 

“Email by its very nature is insecure: 99.9% of is is sent unencrypted,” said Cluley. “If it was invented today, no one would use it. Emailing unencrypted documents ‘in the clear’ creates a potential chain of issues.”

While the cost of boosting security measures might be an issue for some lenders, the extra effort of using a secure portal can pay off. 

“Any type of weak link in a system involving sensitive information exposes people to unnecessary risk,” says Terry Kurzynski, senior partner at HALOCK. “It takes months to recover from an identity theft and minutes to log into a secure portal. Do the math.”

Written by Jason Oliva

Leave a Reply

Your email address will not be published. Required fields are marked *

Most Popular Articles

Latest Articles

real estate leaders need to be authentic
Selling your home to a family member in 5 easy steps 

Selling your home to a family member can be beneficial but requires careful planning and transparent communication. Follow these five steps to ensure a smooth transaction, from agreeing on logistics and assembling a professional team to determining your home’s value and understanding tax implications.

3d rendering of a row of luxury townhouses along a street

Log In

Forgot Password?

Don't have an account? Please