Mr Cooper, the private mortgage lender, has now admitted almost 14.7 million individuals' private data has been stolen in a previous IT security breach, which resulted in the theft of their addresses and bank account numbers, but it is estimated the company will have to spend at least $25 million to repair the problem.
It has been reported by Mr. Cooper that unknown threats intruded into its network on Oct. 31, causing the network to be immediately and completely shut down.
The hacker managed to gain access to files that contained sensitive information about both former and current customers as well as co-borrowers despite the quick response protocol that was designed to protect against unauthorized access to customer information.
It has been determined that cybercriminals have accessed and stolen the personal information of 14.6 million homeowners as a result of a lengthy investigation to determine the extent of the breach.
The mortgage giant revealed that the scope of the cyberattack was much worse than what it had originally believed.
In a notification filed with the state of California and Maine on Friday, the company revealed that a large number of highly personal records belonging to millions of people were stolen by one or more attackers.
He also stated that the hackers had accessed the customers' names, addresses, dates of birth, and phone numbers, as well as their Social Security numbers and bank account numbers as part of the theft.
It had been reported to Maine's attorney general's office that the hackers had done this.
According to Mr. Cooper's previous statements, the customer's banking information is stored by a third-party company and is expected to remain unaffected.
It has been reported by Mr. Cooper that hackers acquired personal information on nearly all of the company's current and former customers, which was disclosed in a separate filing with federal regulators on Friday.
According to their website, Mr Cooper claims that there are four million current customers, but it appears that there are actually more, likely due to the historical information shared by the company about mortgage holders that they store on its database.
Mr Cooper stated that his company has seen no evidence that the stolen data has been used to commit identity theft or fraud; however, he said that it will continue to monitor the dark web for signs that thieves may be sharing, leaking, or misusing the stolen data for other purposes.
Aside from that, each affected individual will receive a free credit monitoring service for 24 months.
Mr Cooper's Breach Scope has Tripled As of September 30, 2023, Mr Cooper had approximately 4.3 million customers as of its website.
Based on this number, it is estimated that more than 10 million non-customers were caught up in the breach, thereby extending its scope by more than three times.
In a breach notice published on the website of the Maine Attorney General's office, it was outlined that victims are not only current customers but also customers in the past.
There are four specific types of customers under this category: former customers, current and former sister brand customers, customers of mortgage companies whom Mr. Cooper was a servicing partner for, and customers who were applying for a mortgage through the company.
Among the sister brands of Mr. Cooper are RightPatch Servicing, Rushmore Servicing, Greenlight Financial Services, and Champion Mortgage, which are all part of the M. Cooper Group.
The notice noted that those whose loans were acquired or serviced by Nationstar Mortgage LLC or Centex Home Equity may also be affected by the change of ownership.
SEC records indicate that Mr. Cooper went into business as Centex Home Equity in 2001, and as Nationstar Mortgage in 2006, both companies servicing its customers as Centex Home Equity.
This Cyber News was published on www.cysecurity.news. Publication date: Thu, 04 Jan 2024 12:13:06 +0000