- How to Become a Chief Information Officer: CIO Cheat Sheet
- 3 handy upgrades in MacOS 15.1 - especially if AI isn't your thing (like me)
- Your Android device is vulnerable to attack and Google's fix is imminent
- Microsoft's Copilot AI is coming to your Office apps - whether you like it or not
- How to track US election results on your iPhone, iPad or Apple Watch
LoanDepot Confirms Ransomware Attack in SEC Filing
One of America’s largest retail mortgage lenders has revealed a significant ransomware breach in a new regulatory filing.
LoanDepot claims to service tens of thousands of customers, with loans of over $140bn. However, in a filing with the Securities and Exchange Commission (SEC) posted to its site yesterday, the firm revealed it had “recently identified a cybersecurity incident” impacting some of its systems.
“Upon detecting unauthorized activity, the company promptly took steps to contain and respond to the incident, including launching an investigation with assistance from leading cybersecurity experts, and began the process of notifying applicable regulators and law enforcement,” it continued.
“Though our investigation is ongoing, at this time, the company has determined that the unauthorized third-party activity included access to certain company systems and the encryption of data.”
Although not named explicitly, the combination of data theft and encryption points to a ransomware breach. LoanDepot added that it was forced to shut down some systems in response, “and continues to implement measures to secure its business operations, bring systems back online and respond to the incident.”
Read more on the mortgage industry: Failure to Report Breach Costs Mortgage Lender $1.5m
According to reports on X (formerly Twitter), the attack briefly took the firm’s website offline, although it is now up and running. Mortgage expert, Colin Robertson, claimed on X that customers’ recurring mortgage payments would still be processed automatically as usual. Others wishing to do so will need to call the company direct, he added.
Unsurprisingly, angry customers took to social media to vent their rage.
“I can’t pay my mortgage because of your site updating. Can’t even call your number. It’s been a complete nightmare,” said one.
@loanDepot I can’t pay my mortgage because of your site updating. Can’t even call your number. It’s been a complete nightmare
— Sean K (@redcarolina) January 6, 2024
This is the latest in a string of attacks on the sector. Last month, mortgage servicer Mr Cooper revealed that an October breach impacted 14.7 million customers, with names, addresses, phone numbers, Social Security numbers and bank account details among the information taken.
Image credit: Around the World Photos / Shutterstock.com
