LoanDepot says about 17 million customers had personal data and Social Security numbers stolen during cyberattackAlmost 17 million LoanDepot customers had sensitive personal information, including Social Security numbers, stolen in a January ransomware attack, the company has confirmed.
The loan and mortgage giant company said in a data breach notice filed with Maine’s attorney general’s office that the stolen LoanDepot customer data includes names, dates of birth, email and postal addresses, financial account numbers, and phone numbers.
The stolen data also includes Social Security numbers, which LoanDepot collected from customers.
The number of affected LoanDepot customers rose from 16.6 million as initially disclosed to federal regulators last month, which did not say what specific customer data had been stolen.
Mortgage and loan giant Mr. Cooper said hackers stole the personal information of more than 14 million customers during an October cyberattack, costing the company at least $25 million in additional costs.
About 16.6 million LoanDepot customers had their “sensitive personal” information” stolen in a cyberattack earlier this month, which the loan and mortgage giant has described as ransomware.
The loan company said in a filing with federal regulators on Monday that it would notify the affected customers of the data breach.
LoanDepot did not say what kind of sensitive and personal customer data was stolen.
When reached by email, LoanDepot spokesperson Jonathan Fine declined to tell TechCrunch what specific types of customer data was taken.
LoanDepot said it has “not yet determined” whether the cybersecurity incident will materially impact the company’s financial condition.
LoanDepot customers say they have been unable to make mortgage payments or access their online accounts following a suspected ransomware attack on the company last week.
Users on social media and forums discussing the incident say they have struggled to access their account information or submit payments.
LoanDepot’s updating cyber incident page says several LoanDepot customer portals returned online as of Thursday, albeit with limited functionality.
When reached by email, LoanDepot spokesperson Jonathan Fine declined to comment, but did not dispute that the incident was linked to ransomware.
LoanDepot has not yet updated regulators on the company’s recovery since its initial disclosure to the SEC on January 8.
When reached by email, LoanDepot spokesperson Jonathan Fine reiterated the company’s statement, but declined to comment further or say whether the company has received a ransom demand from the hackers.
LoanDepot says it assists more than 27,000 customers monthly.
A November ransomware attack on Fidelity National Financial, one of the largest insurance providers in the United States, knocked the company offline for more than a week.
In December, mortgage and loan company Mr. Cooper said hackers had stolen the personal data on more than 14 million customers during an earlier October cyberattack.
You can contact Zack Whittaker on Signal and WhatsApp at +1 646-755-8849, or by email.