How bad is the 800 million-record First American data breach and can DeleteMe help homeowers who have their private home and personal data exposed?
If you have owned a home or currently own in the United States in the last 15 years, it is likely your personal information may have been exposed.
The information that First American has includes social
security numbers, drivers’ licenses, bank accounts, tax records, and of course,
detailed information about who owns homes of exactly what value. The exposed data appears to go back 15
First American is not a credit bureau like Equifax (where 150M Americans had their full effected in their data breach in 2017) instead it’s a “title insurance” company. US homeowners are likely familiar with title insurance but if you have never owned a home, it’s a form of insurance that protects a buyer and seller of homes from someone later claiming ownership.
As Wikipedia says, “Prior to the invention of title insurance, buyers in real estate transactions bore sole responsibility for ensuring the validity of the land title held by the seller. If the title were later deemed invalid or found to be fraudulent, the buyer lost his investment.”
This, of course, means that title insurers like to collect as many official documents that prove the identity and financial status of homeowners as possible. Their databases are full of this data because that’s “their business”. Because of the intrinsic nature of the business, title insurers tend to be more concerned with accuracy than with security. A data breach is a difficult-to-measurable externality in comparison to paying out claims for their insured properties (US title insurers by some estimates pay close to $1bn / year in claims these days).
Can I find out if my
house was part of the 885 million records exposed?
If you’ve owned, bought or sold a house in the last 15 years
in the United States, then there is a good chance the answer is yes. And if hour house is in the database, then
it’s likely the other sensitive personal information linked to it is there as
well – drivers license, tax history, social security number, and more.
However, First American doesn’t know if the security breach
was taken advantage of broadly – by hackers or others looking for this kind of
information. One problem is that once a
big security hole is identified, it can be difficult or even impossible to say
with certainty if hackers got it all – imagine leaving the door open by
accident and trying to figure out if someone came in and photographed all the
rooms in your house but left everything untouched. This is the analogous problem.
If the First American information was found, downloaded and/or
scraped by hackers or data brokers, it can lead to anyone being able to buy and
combine detailed information about home owners by doing some simple Google
Google searches for
your home address on Whitepages, Mylife and more
When a hacker or someone snooping around trying to find
information about you Google’s your home address, what typically comes up on
the first page are paid results from Data Brokers like White Pages and Mylife –
offering to sell your personal information to anyone in the world willing to
swipe their credit card usually for between $5 and $50.
Data broker personal
information data laundering
Data brokers buy this information from “many sources” which
they refuse to disclose. So the way
things can happen in a data breach is: 1. Hacker downloads information from
First American, 2. Overseas company buys it from hacker, “cleans it up” so it
looks legitimate, 3. US data broker buys it, combines it with their existing
info, and sells it. If asked, the
General Counsel of any US data broker will always claim they only buy legal,
legitimate information about consumers.
In reality, they don’t know. And
they have an incentive to “look the other way” which they all do and they know
How DeleteMe works to
remove your personal home info from Google
DeleteMe works by finding and removing consumers personal information from the sources that come up highest and most often in Google searches for your name + home address online: data brokers. DeleteMe finds and removes consumers and homeowners from dozens of top data brokers – and monitors these all year long to make sure information stays removed.
Can DeleteMe remove
your home address from the internet after the First American breach?
DeleteMe has removed over 12 million home addresses already and is the #1 information removal service in the world. One reason it is popular is it makes sure the addresses of these residences stay off the data brokers advertising them so the results high up on Google just disappear. Of course DeleteMe can’t remove every trace of information about consumers home addresses from the Internet – nobody can do that. But subscribing really does create a lower profile and keeps your home address and information linked to it from being super easy to Google.
Don’t have the time?
DeleteMe is our premium privacy service that removes you from more than 30 data brokers like Whitepages, Spokeo, BeenVerified, plus many more.
Save 20% on DeleteMe when you use the code DIYPRIVACY.