HQ/EMEAFind out how we can help your business
The mortgage lender company, loanDepot, has recently disclosed a cyberattack that resulted in a data breach impacting approximately 16.6 million individuals.
Based on reports, the attack was a ransomware incident on January 6, prompting the company to temporarily shut down some of its systems to isolate the breach and prevent further infection.
Moreover, the implication of the attack disrupts various loanDepot services. On the other hand, recurring automatic payments continued their process but with delays in payment history updates.
Unfortunately, the customer service portal and other online platforms such as MyloanDepot, HELOC, and the mellohome website became inaccessible after the attack.
A loanDepot advisory confirmed the exact nature of the cyberattack that compromised its operations.
The loanDepot company confirmed the nature of the attack, disclosing that malicious actors had stolen information and encrypted files on compromised devices.
In response to the breach, the company has taken steps to notify affected individuals, offering free credit monitoring and identity protection services. Fortunately, the company reported significant progress in restoring its loan origination and servicing systems, boasting about its ongoing investigations into the breach.
Still, the incident raises concerns about the potential misuse of stolen corporate and customer data, often employed by cybercriminals in double-extortion attacks to force victims into paying ransoms.
Given that loanDepot stores sensitive financial and bank account information, those affected parties should remain vigilant against potential phishing attacks and identity theft attempts.
As of now, loanDepot has yet to disclose the specific types of customer personal information compromised in the breach. This lack of transparency adds uncertainty and anxiety to the affected individuals’ potential risks.
Furthermore, this attack is not the first time loanDepot has faced a data breach. In May 2023, the company disclosed another incident from a cyberattack in August 2022, which exposed customer data.
With approximately 6,000 employees and over $140 billion in serviced loans, loanDepot’s prominence in the US nonbank mortgage lending sector increases the impact of these cyber incidents on the company and its massive customer base.
As investigations continue, the cyberattack reminds everybody of the persistent and evolving threats in the cybercriminal community. This campaign urges organisations to fortify their cybersecurity measures to protect sensitive information and fight against potential breaches.
