Cyberattack at LoanDepot Compromises Personal and Social Security Data of Over 17 Million Customers

LoanDepot says about 17 million customers had personal data and Social Security numbers stolen during cyberattackAlmost 17 million LoanDepot customers had sensitive personal information, including Social Security numbers, stolen in a January ransomware attack, the company has confirmed. The loan and mortgage giant company said in a data breach notice filed with Maine’s attorney general’s office that the stolen LoanDepot customer data includes names, dates of birth, email and postal addresses, financial account numbers, and phone numbers. The stolen data also includes Social Security numbers, which LoanDepot collected from customers. The number of affected LoanDepot customers rose from 16.6 million as initially disclosed to federal regulators last month, which did not say what specific customer data had been stolen. Mortgage and loan giant Mr. Cooper said hackers stole the personal information of more than 14 million customers during an October cyberattack, costing the company at least $25 million in additional costs.

LoanDepot, a large loan and mortgage company, has confirmed that approximately 17 million of their customers had sensitive personal information stolen during a ransomware attack in January. This information includes names, dates of birth, email and postal addresses, financial account numbers, phone numbers, and Social Security numbers collected from customers.

The number of affected customers has risen from the initial estimate of 16.6 million, which was disclosed to federal regulators last month. At that time, it was not specified what specific customer data was stolen.

The cyberattack occurred on January 4 and was initially described by LoanDepot as involving the encryption of data. It is unknown if a ransom was paid, and when asked by TechCrunch, a company spokesperson did not provide any information.

The attack left millions of LoanDepot customers unable to make payments or access their accounts online for several weeks.

LoanDepot is not the only loan and mortgage company that has been targeted by hackers in recent months. Mortgage giant Mr. Cooper confirmed that personal information of over 14 million customers was stolen in an October attack, resulting in at least $25 million in additional costs for the company. In November, one of the largest home insurance providers, Fidelity National Financial, was also hit by a ransomware attack, causing the company to be offline for more than a week.

Since their last regulatory filing, LoanDepot has not provided any updates on the potential impact of the cyberattack on their financial condition.

This article was originally published on January 22, 2024 and has been updated on February 26, 2024 with new information regarding the stolen customer data.

If you have any additional information about the incident and work at LoanDepot, you can contact Zack Whittaker via Signal or WhatsApp at +1 646-755-8849 or through email. Our team can also be reached via SecureDrop.

Avatar photo
Kira Kim

Kira Kim is a science journalist with a background in biology and a passion for environmental issues. She is known for her clear and concise writing, as well as her ability to bring complex scientific concepts to life for a general audience.

Articles: 823

Leave a Reply

Your email address will not be published. Required fields are marked *