Mr. Cooper, Mortgage Lending Giant, Faces Disruptions During Cyberattack

  • By Steven
  • Nov 06, 2023

Cyberattack on Mr. Cooper

Mr. Cooper provides over 4 million people with mortgage lending options. They are the nation’s most prominent leading estate loan servicer, with over $900 billion in active service. The loan servicing giant recently experienced a technical outage; the culprit may have been a cybersecurity attack, potentially exposing the sensitive information of thousands. 

How Did the Attack Occur? 

According to the incident notice posted on Mr. Cooper, the cybersecurity attack caused some service disruptions on October 31st, 2023. During the disruptions, homeowners could not access their accounts, which prompted an internal investigation. As the investigation is ongoing, there is little public knowledge about the event. Mr. Copper describes the attack as an “incident” where an unauthorized party gained access to specific technology systems. Speculation leads us to believe the attack happened thanks to hacking abilities by the bad actors rather than individual error. Other resources believe the attack may have been part of a ransomware attack on Mr. Cooper. 

What Information Was Viewed or Stolen? 

If the unauthorized party accessed information during the attack, what type it could have been is unknown. Mr. Cooper’s incident notice lists “certain technology systems” as being influenced, nothing else; subsequently, it’s impossible to know what the assailants may have seen, taken, or disrupted. They may have gotten access to Mr. Cooper’s internal network maps, which would put vendors and third parties at risk. Alternatively, the hackers could have been targeting borrower details; if they did, it could put anyone with a relationship with Mr. Cooper at risk for information misuse. 

How Did Mr. Cooper Admit to the Breach? 

Homeowners felt the disruptions first, as they could not access their accounts to make payments, which occurred on October 31st. Shortly after detecting the incident, Mr. Cooper initiated response protocols, which included shutting down some systems to isolate the threat. A day later, on November 1st, they posted a warning on their website and subsequently caught the attention of the news. On November 2nd, they posted their cybersecurity incident notice, confirming the attack happened but lacking details.

What Will Become of the Stolen Information? 

It is challenging to speculate what may occur with the stolen information; since nothing is public about the attacker, their motivations, or even the impacted system areas, anything could happen. If the ransomware theory is correct, the attackers may have harvested borrower or system information to leverage it; in an exemplary scenario, this could be an easy payday for the hackers. Simultaneously, if the target was borrower credentials, the unauthorized party may use those details to commit various fraudulent crimes. The only thing known is that those with relationships with Mr. Cooper must take preventative actions quickly. 

What Should Affected Parties Do in the Aftermath of the Breach? 

Whether one of the 9,000 Mr. Cooper employees or one of the millions of borrowers, your information may be at risk. Mr. Cooper’s notice states that the ongoing investigation will include a notice to potentially impacted parties; the same section also mentions the implementation of protection services. Given the potentially catastrophic consequences of the breach, all parties must strongly consider preventative measures. Start with updating old accounts with new, strong passwords and enabling multi-factor authentications. After that, consider credit monitoring services. Professionals can watch for suspicious activity within your financial accounts and around your identity. Don’t wait for the notice to take action.

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagra ... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “A ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the co ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% ... Read More

Clients’ Bank Data Exposed in Blackbaud Ransomware Attack

Blackbaud software was victim to a ransomware attack last May, and new information suggests that c ... Read More

Latest Articles

Health Organization Records Stolen via Welltok’s MOVEit - 930k+ Including Minors

Health Organization Records Stolen via Welltok’s MOVEit - 930k+ Including Minors

The number of victims caused by the global MOVEit data breach continues to climb; Welltok has announced more exposures, this time from three more health organizations.

MOVEit Breach Creates More Victims; 105k Records Stolen from Insurance Group

MOVEit Breach Creates More Victims; 105k Records Stolen from Insurance Group

"Pan American Life Insurance Group Building - New Orleans" by Tony Webster is licensed under CC BY 2.0. Source: Flickr

New York Healthcare Provider Notified 600k Following Network Cyberattack

New York Healthcare Provider Notified 600k Following Network Cyberattack

East River Medical Imaging (ERMI) has three locations in New York City and Westchester County.  ERMI is a "multi-modality radiology center," including patient-centered solutions like MRIs, CTs, ultrasounds, imaging, radiology, fluoroscopy, and x-rays.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an age
Please enter an email address