First American Financial Corp. exposed 885 million records related to mortgage deals going back to 2003. New York State Department of Financial Services says the breach went undetected for years. The company faces penalties of up to $1,000 per violation. First American says its own investigation determined only a very limited number of consumers and none from New York had personal data accessed without permission. The records exposed by First American would have been a virtual gold mine for phishers involved in so-called Business Email Compromise (BEC) scams.”]
Source: https://krebsonsecurity.com/2020/07/ny-charges-first-american-financial-for-massive-data-leak/