The real estate world lies within a network of sensitive contact information, financial records, identifying paperwork and the team of experts that keeps these things secure. So, what happens when this information isn’t properly safeguarded? Or when companies use information to take advantage of consumers? Between financial corporation scandals, like the cyber attacks on Equifax, and the recent repeal of the Consumer Financial Protection Bureau (CFPB) arbitration rule, consumers are having trouble trusting financial institutions with their personal information.
In September, Equifax—one of the three major consumer credit reporting agencies— announced a massive cyber breach that may have affected 143 million people in the U.S. The company is being criticized for its security practices, especially since this is the third major cybersecurity threat on Equifax since 2015.
It took Equifax nearly four months to identify the intrusion after hackers stole personal information through a simple website vulnerability. Along with 209,000 credit card numbers, hackers got their hands on Social Security numbers, driver’s license numbers, names, birthdates and addresses. It is one of the largest hacks on record.
Equifax hired cybersecurity firm Mandiant to perform an in-depth investigation of the cyber attack to find out how many consumers are at risk. Results are in and estimated totals for impacted individuals has risen by 2.5 million to a total of 145.5 million at risk. Even the U.K.’s Financial Conduct Authority is investigating the incident, as nearly 700,000 U.K consumers were also affected.
“I want to apologize again to all impacted consumers,” said Paulino do Rego Barros, Jr., CEO of Equifax, following the Mandiant results.”As this important phase of our work is now completed, we continue to take numerous steps to review and enhance our cybersecurity practices. We also continue to work closely with our internal team and outside advisors to implement and accelerate long-term security improvements.”
Impact on Real Estate
Credit plays a major role in lending and the real estate industry. The cyber attack could not only weaken consumer confidence, but may add some challenges if the hacked information is used fraudulently.
Compromised personal information can be used in a variety of damaging ways. Borrowers may have to deal with stalled or rejected loans if hackers purchase expensive items using the stolen credit card numbers. Additionally, new accounts could be opened up in borrowers’ names using their Social Security numbers. Not only are loans at risk, but hackers also have the potential to demolish credit scores via identity theft—an infinitely harder problem to fix.
Equifax’s cyber attack may also lead to a spike in illegal mortgage and refinance applications. According to National Mortgage News, the mortgage industry widely uses The Work Number for employment verification during the underwriting process. The service is also the designated third-party provider of income and employment data for Fannie Mae’s Day 1 Certainty™ program. The cyber security breach leaked the information collected by the Work Number, leaving financial institutions unsure of whether the source has been corrupted.
Overall, loan processors may delay closings to ensure that employment data has not been affected by the breach. Fannie Mae is keeping an eye on its dealings with Equifax, as well.
CFPB Arbitration Rule
The repeal of the CFPB arbitration rule comes at a time when consumers are searching for ways to protect themselves against dishonest business practices. The rule was created over the span of five years and was set to go into effect in 2019. It would have allowed millions of U.S. consumers to pool resources in class-action lawsuits against financial corporations.
The rule was widely approved by Democrats, but Senate Republicans overturned it, with Vice President Mike Pence breaking a 50-50 tie. According to supporters, the ruling would have protected consumers, and, at the same time, held financial institutions responsible for upholding ethical business practices.
“[This] vote is a giant setback for every consumer in this country,” said Richard Cordray, director of the CFPB, in a statement. “As a result, companies like Wells Fargo and Equifax remain free to break the law without fear of legal blowback from their customers.”
Those opposed believed the rule would have a negative impact on lawsuit payouts for consumers.
“This is good news for the American consumer,” said Senator Tom Cotton (R-Ark.) in a statement.” A ban on arbitration clauses would very likely have resulted in lower reward payments for wronged customers and higher credit costs for everybody. There’s little evidence to suggest that class-action lawsuits actually stop the behavior they seek to punish, and there’s plenty of evidence to show they give the lion’s share of money to the lawyers who file them.”
As a result of the repeal, financial corporations will be able to continue using arbitration clauses in their fine print as a way to protect themselves against the courts. Since consumers will not be able to use class action lawsuits as a catalyst for changing a company’s business practices, they will have to familiarize themselves on what to look for so they don’t fall victim to malpractice.
How Consumers Can Protect Themselves
Unfortunately, data breaches and business practices are not just tied to credit reporting agencies. Everyone remembers the Target hack, various large banks like Bank of America have had their share of financial scandals and global accounting firm Deloitte recently announced that it fell victim to a cyber attack, as well.
While these companies are working toward regaining the trust of their consumers, the damage has been done. These business mistakes happen often, especially with companies that are intertwined with the real estate industry. According to a survey by the Economist Intelligence Unit and Deutsche Bank, the real estate industry features one of the lowest percentages of authentication testing. Don’t wait for the next data breach to protect yourself. Here’s what you can do to ensure you don’t fall victim to flawed business practices or cyber attacks:
Check in with Equifax. Find out, if you haven’t already, if you were exposed during the Equifax data breach.
Keep an eye on your credit. Watch out for any sudden changes in your score. If you really want to make sure you’re not at risk, sign up for a credit monitoring service.
Freeze your accounts. If you are vulnerable, go online or call the three major consumer credit reporting agencies to put a freeze on your account. This will keep hackers from checking your credit score or using your personal information. Once you are certain the risk has been taken care of, you may unfreeze your account.
Read the fine print. Don’t sign up for any services, even if they advocate privacy and security, without reading the terms first. Make sure your information isn’t being released to third-party vendors.
Before you apply for a loan, ask for a breakdown of all fees. Get everything in writing so you have evidence of malpractice or fee discrepancies should a conflict arise during the lending process.
Ask how your information is being protected. Any time you need to submit sensitive information that can leave you vulnerable if in the wrong hands, inquire about the company’s cyber security practices. Due diligence before forming a business relationship with any type of financial institution and being a savvy consumer is your best defense against flawed business practices.
Liz Dominguez is RISMedia’s associate content editor. Email her your real estate news ideas at firstname.lastname@example.org.
For the latest real estate news and trends, bookmark RISMedia.com.