Aside from the obvious threats to unlawful credit card use, the information obtained could offer the keys needed to open many more unlawful opportunities.
The breach opened the door for access to Equifax’s The Work Number employment and income verification service. The service has been touted lately by both Equifax and Fannie Mae as an approved verification service that when used can provide lenders with relief from some of the representations and warrants a lender provides to Fannie on loans delivered.
To gain access to the information, a consumer must give authorization. The lender and the work number then authenticate the data. However, with the information obtained from the breach and additional information already available online, the authentication process for an identity thief is simplified.
With the complete credit history obtained from Equifax and the employment and income information obtained from The Work Number, there isn’t much information left to file a fraudulent mortgage application.
Under Fannie’s Day 1 Certainty program, lenders can obtain the rep and warrant relief connected to employment and income verifications when using the Work Number. The caveat is that the relief is invalidated when there is any misrepresentation or fraud involved.
With all the consumer information obtained from Equifax, cyber thieves have just about everything they need to impersonate a bona fide mortgage applicant. With available property inspection waivers (no appraisals) offered by both Fannie and Freddie, they can realistically refinance a person’s home without the owner being aware.
Think about it. Someone can apply online and provide you with all pertinent information. All obtained fraudulently from the Equifax and The Work Number databases. You order their credit report and employment verification online. Everything matches because you’re looking at the same information they stole.
With a little information on bank accounts and a fraudulent sales agreement, or a copy of a Deed which they can get from public records, they’re good to go.
Lenders need to be wary of these possibilities. In the end, it’s the lender that is expected to have in place the necessary security checks to ensure that everything is real in a transaction; from the borrowers to the property, to the title/closing agents. Do you?
With more info about consumers easily available through the internet, sophisticated schemes to steal someone’s identity and the apparent ease to hack into so-called secure sites, nothing is safe and nothing can be left to chance.
The Equifax breach opened new threats to mortgage and other lenders. Doors that we thought were secured. Apparently not! Someone learned how to pick the locks. Maybe it was too easy. We knew it could happen; it was just a matter of when.
Well, it is here! Now, what are you going to do about it? Loans are tough enough to come by and now lenders need to be wary of every one originated.
Processes need to be in place to verify and revalidate all applicant and property information. One fraudulent loan could eat up an entire month’s profits.
Are you prepared to defend against cyber thieves?