Urgent Update to Mortgage Security Breaches

Urgent Update to Mortgage Security Breaches – Please Read The Entire Notice

 This notice contains,

  • Critical information on the virus currently targeting mortgage brokers
  • Steps Credit Technologies is taking to enhance security that may impact your access credit data.
  • Immediate actions you should take to protect yourself from these attacks

On 4/2/2010, we issued an alert about an email based virus that was targeting mortgage brokers and lenders Nationwide. This “key logger” virus, continues to be sent to thousands of mortgage professionals. Once infected, the hackers are able to collect all information on the infected computer including access to your banking, credit card and credit reporting accounts – virtually anything that is accessed from that computer including access to your LOS and borrower files.  These attacks are continuing with alarming success. The hackers are finding that many mortgage professionals do not have adequate security in place and are able to access their computers and effect data breaches. To date, these breaches have impacted hundreds of mortgage professionals and thousands of consumers.

 Steps Credit Technologies Is Taking

 In order to assist our clients in combating these attacks, Credit Technologies is taking immediate action to enhance security procedures as it applies to protecting consumer credit data including, 

  • Effective immediately – The default daily order limits have been reduced to 10 reports a day (per user login.) This can be adjusted on an as-needed basis.
  • After Hours Web Access Restrictions – Effective April 12 2010, after hours web access will be available only to devices on which a security certificate has been installed (you are automatically prompted to install the security certificate the first time you access Credit Technologies.) This will not impact users that access through a LOS, FNMA or FMAC. Full web access will be available Monday-Friday, between the hours of 8:00AM and 10:00PM Eastern (5:00am-7:00PM Pacific.)

 We are currently developing additional security features including enhancements to the security certificate that will further protect your account from potential data breaches.

 Steps You Should Take immediately 

  • Make sure you have anti-Virus and Anti-Spyware protection installed on EVERY computer that has access to the Internet and that it is set to automatically update not less than once per week. This simple solution will protect you from this ongoing attack. If you do not have Anti-Virus software installed, it must be installed and a full system scan completed prior to accessing consumer credit data. Credit Technologies does not endorse or require any specific brand of anti-virus software. There are numerous versions available including free versions such as Avast
  • Make sure every computer with access to the Internet is protected by a Firewall. This protects your computer from hackers that scan the Internet looking for unprotected computers, then accesses your computer through an unlocked or open port. These types of intrusions can happen without you receiving any virus email or clicking on any link. Most operating systems (i.e. Microsoft Windows) have a built in Firewall, just make sure it is turned on. There are also numerous other firewall programs available, including a free version offered by ZoneAlarm
  • Once you have current and up to date Anti-Virus and Spyware protection – complete a full system scan of all computers to confirm that no viruses are present. Once this scan is complete, we strongly suggest you evaluate all login credentials (not just those for accessing Credit Technologies) and select passwords that cannot be guessed or easily researched through the Internet or through background searches (the hackers are using cheap background searches to defeat security questions such as “Where Were You Born”, or “Parents Names”.)

We strongly urge you to share this information with every employee and promote the recommendations contained therein.  Credit Technologies will keep you apprised of any further developments regarding this issue.

Thank you for choosing Credit Technologies and for your swift adoption of these safeguards.

Thomas Conwell

President and founder, Credit Technologies, Inc. Past President/Director National Consumer Reporting Association (NCRA.)