Dive Brief:
- The sensitive personal information of 16.6 million loanDepot customers was stolen during a ransomware attack earlier this month, the California-based company said Monday in a filing with the Securities and Exchange Commission.
- LoanDepot first disclosed the ransomware attack on Jan. 8 and took some of its IT systems offline as part of its response. Some customer portals were brought back online with limited functionality starting Jan. 18, and the servicing customer portal and mobile app are now fully operational, according to its cyber incident response page.
- “The company has not yet determined whether the cybersecurity incident is reasonably likely to materially impact the company’s financial condition or results,” loanDepot said in the SEC filing.
Dive Insight:
Four major real-estate industry organizations — including mortgage servicer Mr. Cooper Group, Fidelity National Financial, First American Financial and loanDepot — have been hit by cyberattacks in the last few months.
While loanDepot didn’t detail the type of personal data stolen, the amount of individuals impacted makes it the most widespread compromise of customer data in the real-estate sector spree.
The personal data on every current and former customer of Mr. Cooper Group — almost 14.7 million people — was stolen during a late October attack.
“Unfortunately, we live in a world where these types of attacks are increasingly frequent and sophisticated, and our industry has not been spared. We sincerely regret any impact to our customers,” loanDepot CEO Frank Martell said in a statement.
The company, which is the second-largest non-bank mortgage lender behind Rocket Mortgage, said it’s working with outside forensics and security experts to investigate the incident and restore operations.
