U.S. mortgage lender loanDepot has suffered a cyberattack that caused the company to take IT systems offline, preventing online payments against loans.
LoanDepot is one of the largest nonbank retail mortgage lenders in the USA, employing approximately 6,000 people and servicing loans of over $140 billion.
Yesterday, customers began experiencing issues when trying to log in to the company's payment portal to pay loans or contact them by phone.
Some customers took to X to find out what was causing the outages, and loanDepot responded that they were suffering a cyber incident.
Today, loanDepot's social media responses about the cyberattack have disappeared from X, but a similar message still appears when attempting to log in to the company's servicing portal.
This message also states that recurring automatic payments will continue to be processed, but there will be a delay in it appearing in the payment history.
Using the servicing portal to make a new payment will not be possible, and customers should instead contact the company's call center.
At this time, it is not known what kind of attack the company is responding to, but it is likely a ransomware attack.
If it was ransomware, the threat actors would have stolen corporate and customer data during the attack, which they would use as leverage to scare the company into paying a ransom.
As loanDepot holds sensitive information about its customers, such as financial and bank account information, customers should be on the lookout for potential phishing attacks and identity theft.
A similar incident occurred with mortgage lending giant Mr. Cooper, which was hit by a cyberattack in November 2022.
A month later, Mr. Cooper disclosed a data breach, confirming the attack exposed the personal data of 14.7 million customers.
The password attacks of 2023: Lessons learned and next steps.
Staples confirms cyberattack behind service outages, delivery issues.
Mortgage giant Mr. Cooper says customer data exposed in breach.
X users fed up with constant stream of malicious crypto ads.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Sun, 07 Jan 2024 20:40:14 +0000