Recently I discovered an open and non-password protected database that contained 717,814 records and the Personally Identifiable Information (PII) of thousands of Canadian citizens. This data contained home mortgage loan related information that included names, phone numbers, email addresses, physical addresses, and more. Many of the records we saw appeared to be “mortgage leads”. These are records of individuals who want to buy a house, refinance, obtain an equity line of credit or purchase an investment property. Upon further research there were multiple references to Canadian based 8Twelve Financial Technologies Inc. We immediately sent a responsible disclosure notice and 8Twelve acted fast and professionally by restricting public access within hours of our discovery.