The Daily Hodl
  • FEATURES
    • News
    • Bitcoin
    • Ethereum
    • Altcoins
    • Financeflux
    • Trading
    • NFTs
    • Blockchain
    • Futuremash
    • Regulators
    • Scams, Hacks & Breaches
  • INDUSTRY ANNOUNCEMENTS
    • Latest
    • Press Releases
    • Chainwire
    • Sponsored Posts
    • Submit Your Content
  • CRYPTO MARKETS
  • SUBMIT
    • Guest Post
    • Press Release
    • Sponsored Post
    • Advertise
No Result
View All Result
  • FEATURES
    • News
    • Bitcoin
    • Ethereum
    • Altcoins
    • Financeflux
    • Trading
    • NFTs
    • Blockchain
    • Futuremash
    • Regulators
    • Scams, Hacks & Breaches
  • INDUSTRY ANNOUNCEMENTS
    • Latest
    • Press Releases
    • Chainwire
    • Sponsored Posts
    • Submit Your Content
  • CRYPTO MARKETS
  • SUBMIT
    • Guest Post
    • Press Release
    • Sponsored Post
    • Advertise
No Result
View All Result
The Daily Hodl
No Result
View All Result

Millions of Sensitive Financial Docs Exposed in Giant Database Leak, Highlighting Push for Blockchain Solutions

by Daily Hodl Staff
January 24, 2019
in Blockchain

A massive database containing over 24 million banking and financial documents from some of the largest US banks was recently leaked online, available without a password for possibly two weeks. The database contained over 10 years of loan and mortgage agreements, tax documents, social security numbers, bank account numbers, names, addresses and more.

The server security lapse was first reported by Zack Whittaker at TechCrunch. According to independent researcher Bob Diachenko,

“These documents contained highly sensitive data. This information would be a gold mine for cyber criminals who would have everything they need to steal identities, file false tax returns, get loans or credit cards.”

Diachenko found the data in an unprotected Elasticsearch cluster. With help from TechCrunch, the leak was traced back to data and analytics company Ascension, based in Ft. Worth, Texas. One of Ascension’s services include converting paper documents and handwritten notes into computer files, also known as OCR. The OCR files were compromised during the leak.

[NEW REPORT] Teaming up with mighty @zackwhittaker on that one – that was really big one, indeed https://t.co/VTzK3zkOAg

— Bob Diachenko ?? (@MayhemDayOne) January 23, 2019

Sandy Campbell, general counsel at Rocktop Partners, the parent company of Ascension, says,

“On January 15, this vendor learned of a server configuration error that may have led to exposure of some mortgage-related documents. The vendor immediately shut down the server in question, and we are working with third-party forensics experts to investigate the situation.”

The vendor was found to be New York-based company OpticsML, whose phone number and website have recently gone offline.

Fintech and data storage companies are working to develop decentralized database solutions to avoid similar leaks. By distributing sensitive data, blockchain-based platforms are cryptographically secured and are designed to eliminate single points of failure, password lapses and internet exposure. Blockchain systems are also designed to regulate and control who has access to data, and to make such access transparent without having to rely on a report from one party or an intermediary.

TechCrunch reports that CitiFinancial, a now-defunct branch of Citigroup, was one of several large financial institutions affected by the leak which also compromised personal data and sensitive files from HSBC, Wells Fargo, CapitalOne as well as the US Department of Housing and Urban Development.

A Citi spokesperson says,

“Citi recently became aware that a third party, with no connection to Citi, was storing certain mortgage origination and modification documents in an unsecure online environment. These documents contained information about current or former Citi customers, as well as customers from other financial institutions. Citi notified law enforcement, initiated a thorough forensic investigation and worked quickly to ensure the information could no longer be publicly accessed.”

Speaking to SC Media, Colin Bastable, CEO of Lucy Security, says big financial institutions offload work to companies like Ascension without securing the data that’s involved.

“When US lenders offload our mortgages and loans to third parties, they offload the data too, and wash their hands of all responsibility. In its drive for profitability, the US financial industry has outsourced many services to third party service providers, and at the heart of this fragmented industry is consumer data.” 

Elasticsearch, which is a database for storing, retrieving and managing documents. While companies typically install Elasticsearch to improve their web application data indexing and search capabilities, they can also inadvertently expose their internal servers, loaded with troves of documents containing personal information, to the internet.

The recent breach is one of four discovered this month on Elasticsearch. Researchers also discovered the following leaks.

  • Millions of calls and text messages from Voipo
  • Four million intern applications from the youth group AIESEC
  • 108 million gambling records from online casinos

Last November Diachenko also discovered another Elasticsearch leak.

In a blog post, Diachenko wrote,

“On Nov 29th I have identified an unprotected Elasticsearch cluster, available for public access, via Shodan engine. It took me some time before I analyzed the data and noted that almost all payment information (credit cards details) was related to Bancolombia, so I decided it would be the quickest possible solution to prevent this data from being stolen and report the incident directly to bank authorities.

Shortly after I contacted Bancolombia, instance has been secured (Nov. 30) and on the next day I was contacted by a representative of a company that managed the data, Waumovil, who thanked me for the heads up and said that ‘unfortunately we had some open ports that I was not aware.’”

You can check out Diachenko’s full blog post on the Bancolombia data leak here.

[the_ad id="42537"] [the_ad id="42536"]
 
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any assets including cryptocurrencies, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.
Submit a Press Release

Industry Announcements

  • Bitcoin Suisse Advances Middle East Expansion, Receives Financial Services Permission in Abu Dhabi
    July 7, 2026
  • Deribit and SignalPlus Launch The Island Trading Competition With Up to $600,000 USDC in Prizes
    July 6, 2026
  • Bybit Card Launches in Peru: Seamless Spending with Up to 120 USDT in Rewards
    July 2, 2026
  • BTCC Exchange Sees Trading Volume Surge Ahead of Argentina Match Days as World Cup Showdown Campaign Heats Up
    July 2, 2026
  • Liquid Mercury Completes MiCA Disclosure for MERC, Enabling Trading Admission Across the EU
    July 1, 2026
  • Valle Capital Token Launches RWA and Agribusiness Ecosystem
    July 1, 2026
  • Streamex Is Making Digital Gold Accessible
    July 1, 2026
Submit a Guest Post
ADVERTISEMENT

Spotlight

  • Scammers Drain $3,500,000,000 From US Bank Accounts in One Year As Imposter Scams Explode: FTC
    July 6, 2026
  • US Homeland Security Information Network Hit by Cyber Intruders, Exposing Sensitive Government Data
    July 5, 2026
  • Texas State Agency Breach Exposes Driver’s Licenses and Passports of 3 Million Residents
    July 5, 2026
  • Washington State Residents Lose $673,500 to Sophisticated Bank Scams in Three Days
    July 6, 2026
DON'T MISS A BEAT
Crypto headlines delivered daily
to your inbox
BTC, ETH, XRP news alert options
By joining The Daily Hodl news list you agree to our
Terms and Conditions and Privacy Policy.
Featured Image: Shutterstock/Billion Photos

Covering the future of finance, including macro, bitcoin, ethereum, crypto, and web 3.

Categories

Bitcoin • Ethereum • Trading •
Altcoins • Futuremash • Financeflux •
Blockchain • Regulators • Scams •
HodlX • Press Releases

 

ABOUT US | EDITORIAL POLICY | PRIVACY POLICY
TERMS AND CONDITIONS | CONTACT | ADVERTISE

JOIN US ON TELEGRAM

JOIN US ON X

JOIN US ON FACEBOOK

COPYRIGHT © 2017-2025 THE DAILY HODL

No Result
View All Result
  • FEATURES
    • News
    • Bitcoin
    • Ethereum
    • Altcoins
    • Financeflux
    • Trading
    • NFTs
    • Blockchain
    • Futuremash
    • Regulators
    • Scams, Hacks & Breaches
  • INDUSTRY ANNOUNCEMENTS
    • Latest
    • Press Releases
    • Chainwire
    • Sponsored Posts
    • Submit Your Content
  • CRYPTO MARKETS
  • SUBMIT
    • Guest Post
    • Press Release
    • Sponsored Post
    • Advertise

© 2025 The Daily Hodl