A new report from HALOCK Security Labs suggests that several major financial institutions, as well as smaller mortgage lenders, may have information sharing practices that could compromise the integrity applicants’ personal and financial information.
According to the report, HALOCK took a look at 63 American mortgage lenders, and as it turned out, 70 percent of these lenders allowed consumers to send personal and financial data via unencrypted email. This data includes, but is not limited to tax documents and W-2s. Most interesting, yet troubling was the revelation that 73 percent (eight out of eleven) of the major lenders investigated engaged in the same unsafe practices that smaller lenders engaged in.
Further, close to 70 percent of the lenders were found to encourage applicants to fax forms that include sensitive information, which may mitigate some security risks, but not all. More than 40 percent of lenders allowed consumers to send data via “snail mail”, while a mere 12 percent had a secure email portal as an option.
Overall, the investigation’s results mostly suggest that lenders are more concerned about convenience than security, but also hint that these banks are not cognizant of how consumers are losing faith in how these institutions can keep their personal information private.
Separate from the HALOCK study, the Ponemon Institute said in the fall of 2013 that consumer confidence in how banks prioritize privacy had dropped progressively over the past decade; 65 percent of those surveyed by the Ponemon Institute said that they do not agree with the statement “My bank is committed to ensuring the privacy of my personal information is protected.”