Ransomware Attack Leads to Data Breach of HomeTrust Mortgage

  • By Steven
  • Nov 24, 2022

HomeTrust Mortgage Data Breach

Mortgage bank HomeTrust Mortgage is based out of Houston, TX, but has 13 separate locations in several other states – Colorado, New Mexico, Florida, Oklahoma, Alabama, Georgia, and Tennessee. The company generates around $23M annually while employing more than 100 people throughout its locations. Unfortunately, it fell victim to a ransomware attack that left many files of information exposed. 

How Did the Attack Occur?

The lender noticed unusual activity in July 2022, and immediately hired an outside security team to investigate what was going on. The team discovered a ransomware attack that left a lo of data exposed and subsequently locked by the hacker(s) that gained unauthorized access to the company’s network. 

What Information Was Viewed or Stolen?

Hackers were able to access a wide variety of data while in the company’s network. However, the investigation shows that there were only three basic types of personal information in the affected files: home address, full name, and social security number. This is enough information for a hacker to steal someone’s identity, so it is not a breach to be taken lightly. It is just a moment to appreciate that more was not taken during the breach itself. 

How Did HomeTrust Mortgage Admit to the Breach?

HomeTrust Mortgage acknowledged the breach when it filed with the Montana Attorney General’s office. They explained that their investigation showed a successful ransomware attack and that they were able to confirm sensitive information was part of the breach. They followed up with this filing by sending out letters to any consumers they believe to have been affected by this data breach. While no one has confirmed any fault of the company in terms of negligence, it also has not yet been ruled out. 

What Will Become of the Stolen Information?

The hope is that nothing comes of the stolen data, but unfortunately, no one knows what may become of that data. The hackers have not yet put the data up for sale in any place the investigation has found it, but that does not mean it will not be there at some point in the future. Hackers could use this data for financial gain, or they may sell it to those with other nefarious ideas in mind. 

What Should Affected Parties Do in the Aftermath of the Breach?

The best thing that anyone in this situation can do is remain vigilant. What this means is constantly checking their personal information and accounts for anything out of place. Checking bank accounts, credit card statements, and things like personal credit reports can make spotting a problem at its earliest stages much easier. 

Potential victims can also invest in services that monitor their identities for them. That way, should any of their personal data wind up on the Dark Web, they can get a notification that lets them take action before someone can use their information against them. It is always important to protect your personal data. However, following any type of data breach, the importance rises significantly.

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagra ... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “A ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the co ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% ... Read More

Clients’ Bank Data Exposed in Blackbaud Ransomware Attack

Blackbaud software was victim to a ransomware attack last May, and new information suggests that c ... Read More

Latest Articles

Regal Medical Group Data Breach Affects Patients of At Least Four Healthcare Providers

Regal Medical Group Data Breach Affects Patients of At Least Four Healthcare Providers

It's been less than a week since February 2023 started, yet we are, reading about a new medical breach. Over 90% of hospitals have admitted to being victims of data breaches.

Weekly Cybersecurity Recap February 3

Weekly Cybersecurity Recap February 3

Well, the last month has passed incredibly quickly and without much stir, which gives us hope for the next year. However, this month has been incredibly eventful in the world of cybersecurity.

Bell-Carter Foods Announced A Data Breach

Bell-Carter Foods Announced A Data Breach

Any large-scale company is at heightened risk of becoming the victim of a data breach. It doesn't always seem like the most obvious target; whether it's a power company, a grocer, or a chain restaurant, there is actually a lot of desirable information available from these companies' databases.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an email address