Today I discovered a major security flaw with USAA. I logged in to my account to "view documents" and lo and behold I had access to my documents and other USAA memebers' documents.
What??!!
Yep, USAA admitted faulty IT implementations that allowed all USAA members to view everyone else’s documents.
The concern is not only privacy but ID theft. I have Tax documents that show my full blown SSN. And other USAA members had access to that!! Are you F'ing kidding me?!
I called USAA immediately and they have since taken down the View Documents portion of the website.
I told them I was very very unhappy and very concerned. On Monday I will be requesting free Subscription to their CMS as restitution.
Watch your Credit Report Closely if you are a USAA Member.
[UPDATE]
From USAA:
"Please note there was a technical issue last weekend during a system upgrade in which some personal member information could possibly have been visible to another USAA member on USAA.com. We identified the error within one hour of its occurrence, and immediately retracted the information to limit exposure.
From the information we have gathered, there is no indication of any fraudulent activity related to this occurrence. Furthermore, we are taking precautions to prevent this from happening again. We did want to make you aware of the situation. In response to this incident, we are taking the appropriate steps to notify and protect the identification of the people whose information was made available.
The protection and security of our member’s personal information is our top priority"
