Anonymous-Leaked B of A Emails Reveal Nothing

Monday, March 14, 2011

Headlines

69dafe8b58066478aea48f3d0f384820

There was a lot of chatter over the weekend about the anticipated release of internal company emails that would supposedly show fraud was committed by Bank of America employees regarding real estate loan practices.

An email exchange between a member of Anonymous and someone claiming to be a former employee of Balboa Insurance, a B of A subsidiary, were released at bankofamericasucks.com. Also released were a few emails that the leaker claims to be internal company communications.

The emails were supposed to "prove" that Bank of America was "falsifying loan documentation in order to proceed with foreclosures by fixing letter cycles in the system, reporting incorrect volumes of all their lenders and to the federal auditors to avoid fines for falling behind on Loan Modifications, purposely and knowingly adjusting premiums for REO (Real Estate Owned) insurance for their corporate clients while denying forbearances for individual borrowers," according to the unnamed leaker.

The leaked emails reveal little, and what they do show does not rise to the level of systemic or institutionalized fraud on the part of the bank or its employees.

What is shown is that the entire episode is most likely a case of a disgruntled employee trying to make trouble for a former employer.

The emails have not yet been proven to be valid Balboa Insurance correspondence, though the leaker did go to lengths to prove he or she was a former employee of the company.

The request made in the leaked emails was to remove imaged (scanned) documents from a sequential series of files identified by their Document Tracking Numbers (DTN), but the request does not indicate why the images should be removed from the system.

One of the parties in the exchange references an "error" and the likelihood that removing the images from the files would be a "red flag" to auditors. Without more context, it simply appears that an employee made an error and was attempting to either rectify or cover up the mistake.

The leaker claims to have more emails that have not been released, but based on what is available already, it is safe to say that there is no bombshell story here as had been anticipated.

There are two points of interest here though, the first being that in the post-WikiLeaks era the media has "leak fever" and is anxious to give anyone with a grudge some time in the limelight.

Secondly, this incident highlights the problems disgruntled current and former employees can make for a company.

In this case it looks as if select emails were leaked without the necessary context to understand their significance in an effort to generate some heat but provide little light, which really only works to satisfy the disgruntled former employee's desire to make trouble.

Previous leaks by Anonymous did show that HBGary Federal, Palantir Technologies and Berico Technologies were involved in developing WikiLeaks counter-operations strategies for Bank of America and proposed disinformation campaigns, cyber attacks against network systems, and strong-arming journalists.

Other information released showed the companies were engaged in developing strategies to infiltrate other civil activist groups, and plans to use social media for distributing government propaganda.

There was also evidence that HBGary Federal was involved in developing an undetectable, full command and control cyber offensive weapon called Magenta, and had detailed plans to manipulate social media using persona management software.

But this time - nada.

Possibly Related Articles:
3985
Network->General
Insider Threats Headlines WikiLeaks Anonymous Bank of America Balboa Insurance
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.