Another Mortgage Lender Embattled; LoanDepot Faces Disruptions
Table of Contents
- By Steven
- Jan 09, 2024
LoanDepot is one of the nation’s most widespread nonbank mortgage lenders, offering financial solutions and opportunities to homeowners. Based in Irvine, California, LoanDepot allows homeowners to purchase land, refinance it, and strike the best deal in equity costs. After coming into existence in 2010, their history became one of upward growth; two years later, they were licensed in all 50 states and began expansions. LoanDepot’s accolades may have made it a target for cybercriminals; they’re facing a cyber incident.
How Did the Attack Occur?
The cyber incident is actively occurring; subsequently, little is public about the nuances of the event and its potential outcomes. LoanDepot’s website is unresponsive, although according to their event notice page, it is part of their response to the threat. LoanDepot also filed a Form 8-K with the Securities and Exchange Commission (SEC); this filing offers more than their website blurb. According to it, an unauthorized actor breached the company’s systems and was able to encrypt some of LoanDepot’s data. How the assailant made this event possible is unclear, but all signs point to a ransomware attack. Subsequently, LoanDepot associates must consider protective measures for their data.
What Information Was Viewed or Stolen?
The cyberattack is ongoing, as are investigations into it. Until LoanDepot shares more information about the event, we can only speculate about the data possibly exposed in the attack. Although the public does not know what data the assailant may have stolen, another breach may offer suggestions. Less than a month ago, we reported on Mr. Cooper’s cyber event—a breach that exposed 14.7 million homeowners.
Mr. Cooper’s event included the data of homeowners and borrowers, including names, addresses, contact data, birthdays, Social Security Numbers, and banking information. This information may be similar to what is being targeted by the LoanDepot assailants. Victims who lost their data in the LoanDepot event are in a perfect position to start protecting their data; they don’t need to wait for a notice to take action.
How Did LoanDepot Admit to the Breach?
Officials filed the SEC report on or around January 4th, 2023; presumably, LoanDepot entered the report after shutting down their systems and learning of the cyber threat. Whether this happened in the days before January 4th or on that day is unclear. Four days later, on January 8th (at 6:00 am), LoanDepot launched its website notice page. Officials will clear and post updates to this page accordingly.
What Will Become of the Stolen Information?
It’s unclear what may happen to the information exposed in this breach—or what kinds of consequences may appear. Those with a name, birthday, and Social Security Number may face fraud in the future. Meanwhile, those with financial and loan data exposed may face financial fraud or account manipulation. No matter what the assailants have in mind for the data (if they have any), LoanDepot customers can protect themselves.
What Should Affected Parties Do in the Aftermath of the Breach?
Although we don’t know what data the assailant may have accessed in this event, we can still proactively mitigate possible consequences. Victims should first safeguard their data by changing their passwords and enabling security features on all their accounts. After this, victims must consider investing in account monitoring services; these services notify users immediately whenever their data is misused online or on the dark web. Securing personal data is challenging once it’s in the hands of cybercriminals—take time to start the process now. It will mitigate potential consequences later.