News

Prominent Mortgage and Loan Company Hit With Cyberattack, Breach Impacted 14 Million People

Computer Hackers Meet For Annual Congress
(Photo : Patrick Lux/Getty Images) HAMBURG, GERMANY - DECEMBER 28: Participant hold their laptops in front of an illuminated wall at the annual Chaos Computer Club (CCC) computer hackers' congress, called 29C3, on December 28, 2012 in Hamburg, Germany. The 29th Chaos Communication Congress (29C3) attracts hundreds of participants worldwide annually to engage in workshops and lectures discussing the role of technology in society and its future.

Mortgage and loan giant Mr. Cooper became the victim of a cyberattack, putting the personal information of at least 14 million consumers at risk. 

On Oct. 31, the Dallas-based servicer and lenders said it experienced a cyberattack from an unauthorized third party. The company said it noticed "suspicious activity" in certain network systems, according to a new filing with Maine's attorney general's office.

"Our forensic review, engagement with law enforcement and regulators, and defense of litigation is ongoing," the company said. "Additionally, our forensic review has determined that personal information relating to substantially all of our current and former customers was obtained from our systems during this incident."

In the filing, Mr. Cooper said the hackers stole the names, home addresses, dates of birth, phone numbers, Social Security numbers, and bank account numbers of customers. 

Who Are Affected by the Breach?

It also estimated that more than 14 million customers could be affected by the data breach, particularly those whose mortgage was previously acquired or serviced by the company when it was still known as Nationstar Mortgage. The data breach could also affect customers serviced by a sister brand.

Mr. Cooper said it is monitoring the dark web and noted that it has yet to see any evidence that the data acquired by hackers during the breach has been "further shared, published, or otherwise misused." The company also said it is updating its systems to ensure the data breach will no longer happen. 

"We take our role as a mortgage company very seriously, and there is nothing more important to us than maintaining our customers' trust. I want you to know how sorry I am for any concern or frustration this may have caused. Making the homeownership journey as smooth as possible is our top priority, and we intend to make this right for our customers," Jay Bray, Chairman and CEO of the Mr. Cooper Group, said.

Following the announcement of the data breach, Mr. Cooper became the target of at least four consumer class-action lawsuits where defendants argued that the company "failed to comply with industry standards to protect information in its systems," per the Housing Wire.

READ NEXT: Fast-Growing Real Estate Firm eXp Realty Named in New Sexual Assault and Misconduct Lawsuit


Join the Discussion
Real Time Analytics