Security of Online Mortgage Applications Breached

W A S H I N G T O N, Nov. 16 -- A security breach in the software used by manymortgage brokers caused at least 700 Americans’ loan applications — including Social Security numbers — to be divulged on the Internet,officials said Wednesday.

Though quickly rectified, the breach should send a warningthrough an industry that now processes one of every three mortgageapplications electronically using software made by California-basedContour Software, security and loan experts said.

“It’s of great concern to us,” said Tom Lovell, president ofAMEX Mortgage in Tempe, Ariz., a mortgage broker whose customers’applications were divulged on the World Wide Web because of thesoftware problem.

“We’ve been evaluating new services, and this gives us morecause for that,” he said.

Consumers Get ScaredThe breach, discovered by a computer security firm, angeredhomeowner Ronald Johnson, who comparison-shopped for mortgagesonline and learned that his application was visible on theInternet. It included his and his wife’s Social Security numbers,lists of assets and work history.

“I really don’t buy anything online, because I’m afraid if Iput my credit card number on there it’s going to be all over theworld,” said Johnson from his Fountain Hills, Ariz., home.

“But when we applied for a loan for this house, I thought itwould be a good time to use the Web. I guess I was wrong aboutthat, too,” said Johnson, who learned about the problem from TheAssociated Press.

Not a Usual OccurenceA Contour Software spokesman called the problem “a rarity” andsaid the application would be difficult to locate on the Internet.Spokesman Scott Cooley blamed a disgruntled former employee, whoturned off security settings for a computer directory where theloan applications were stored.

“Keep in mind that it would have been impossible to find thisdirectory without knowing it by name,” Cooley said.