Breach, Data Security

Bond insurer MBIA investigates potential breach of client data

Share

MBIA, the country's largest bond insurer, says that data related to an undisclosed number of its customers may have been “illegally accessed.”

In a Tuesday statement, MBIA revealed that clients of its asset management subsidiary, Cutwater Asset Management, were impacted, Brian Krebs reported. The security journalist said that the incident was the result of a misconfiguration in a company web server.

An independent security expert Bryan Seely initially discovered that the sensitive data was exposed on the open web, and not just available to authorized users on a private network.

Customer account numbers, balances and other data were said to be exposed, Krebs revealed. After being notified of the breach, MBIA disabled the affected site, mbiaweb.com, which contained data on Cutwater customers, he explained. MBIA has begun notifying those affected.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.