CyberSecurityBoard
Sponsor Register Login

Mr. Cooper breach affects more than 14.6M

Mr. Cooper, a major U.S. mortgage servicer, says an October data breach affected nearly 14.7 million people, including all its current and former customers.
Mr. Cooper provided a data breach notification to the Office of the Maine Attorney General saying a total 14,690,284 people were affected by the breach.
A written notice sent to breach victims says names, addresses, phone numbers, Social Security numbers, dates of birth and bank account numbers were stolen.
After detecting the intrusion on Oct. 31, Mr. Cooper shut down its systems, which resulted in a service outage between Nov. 1 and Nov. 4.
The company is offering all affected customers two years of free identity protection services through TransUnion's IdentityForce.
Victims are required to enroll for these services within 90 days of receiving the written breach notice.
Mr. Cooper breach scope increases triples.
Mr. Cooper had about 4.3 million customers as of Sept. 30, 2023, according to its website.
This suggests more than 10 million non-customers were caught in the crossfire, expanding the scope of the breach by more than three times.
The breach notice published through the Maine Attorney General's office outlines victim categories beyond current customers.
This includes former customers, current and former sister brand customers, customers of mortgage companies Mr. Cooper have been a servicing partner for and those who have applied for a home loan through the company.
Mr. Cooper did business as Centex Home Equity starting in 2001 and as Nationstar Mortgage starting in 2006, according to SEC records.
It is unclear exactly how far back the leaked data goes.
Mr. Cooper declined to provide further details to SC Media about the breach and the company's security measures.
Long-term data retention a requirement - and a risk.
Cybersecurity experts told SC Media that companies like Mr. Cooper frequently store former customers' data for several years due to regulatory requirements.
Data masking and continuous controls monitoring are additional tools businesses should use to defend both current and former customers' data, Pandey noted.
Despite a range of laws and guidelines instructing businesses to retain data for a certain number of years, companies can also take steps to ensure they are not keeping sensitive data longer than required, says Claude Mandy, chief evangelist of data security at Symmetry Systems.
Patrick Tiquet, vice president of security and architecture at Keeper Security, recommends companies regularly audit their data inventory and employ appropriate data protection measures.
The Mortgage Bankers Association, an organization that represents more than 2,200 companies in the real estate finance industry, offers information security guidelines with similar recommendations.


This Cyber News was published on packetstormsecurity.com. Publication date: Tue, 19 Dec 2023 15:13:05 +0000


Cyber News related to Mr. Cooper breach affects more than 14.6M

Identity Crisis: 14 Million Individuals at Risk After Mortgage Lender's Data Breach - Mr Cooper, the private mortgage lender, has now admitted almost 14.7 million individuals' private data has been stolen in a previous IT security breach, which resulted in the theft of their addresses and bank account numbers, but it is estimated the ...
6 months ago Cysecurity.news
Mr. Cooper breach affects more than 14.6M - Mr. Cooper, a major U.S. mortgage servicer, says an October data breach affected nearly 14.7 million people, including all its current and former customers. Mr. Cooper provided a data breach notification to the Office of the Maine Attorney General ...
6 months ago Packetstormsecurity.com
Mortgage giant Mr. Cooper hit by cyberattack impacting IT systems - U.S. mortgage lending giant Mr. Cooper was breached in a cyberattack that caused the company to shut down IT systems, including access to their online payment portal. Mr. Cooper is a mortgage lending company based out of Dallas, Texas, that employs ...
7 months ago Bleepingcomputer.com
CVE-2019-5303 - There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing ...
6 months ago
CVE-2019-5302 - There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing ...
6 months ago
Mr. Cooper Data Breach: 14 Million Customers Exposed - A major data breach at mortgage giant Mr. Cooper compromised the personal data of an astounding 14 million consumers, according to a surprising disclosure. Sensitive data susceptibility in the digital age is a worry raised by the occurrence, which ...
6 months ago Cysecurity.news
Mr Cooper now says 15M people's data exposed in cyberattack The Register - Mortgage lender Mr Cooper has now admitted almost 14.7 million people's private information, including addresses and bank account numbers, were stolen in an earlier IT security breach, which is expected to cost the business at least $25 million to ...
6 months ago Go.theregister.com
Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
4 months ago Securityzap.com
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
6 months ago Securityboulevard.com
Mortgage giant Mr. Cooper data breach affects 14.7 million people - Mr. Cooper is sending data breach notifications warning that a recent cyberattack has exposed the data of 14.7 million customers who have, or previously had, mortgages with the company. Mr. Cooper is a Dallas-based mortgage lending firm that employs ...
6 months ago Bleepingcomputer.com
Mr. Cooper Hackers Stole ~15 Million Users' Data - Mortgage company Mr. Cooper Group has finally 'fessed up to losing the personal info of 14,690,284 people. In today's SB Blogwatch, we leave him hangin'. Your humble blogwatcher curated these bloggy bits for your entertainment. The lender is one of ...
6 months ago Securityboulevard.com
Mr. Cooper Data Breach Impacts 14.7 Million Individuals - Mortgage giant Mr. Cooper is sending notification letters to 14.7 million individuals to inform them that their personal information was stolen in a recent cyberattack. The incident was identified on October 31, resulting in certain systems being ...
6 months ago Securityweek.com
Fewer cybersecurity professionals losing their jobs in breach 'blame' game - Cybersecurity job loss after a major incident is becoming less likely as organizations drop the "Blame" game for more practical approaches to breach prevention, a survey of 500 CISOs shows. More than 95% of CISOs reported their teams received greater ...
7 months ago Scmagazine.com
Akumin Files Notice of Data Breach with the Securities and Exchange Commission - On October 16, 2023, Akumin Inc. filed a notice of data breach with the Securities and Exchange Commission after discovering that it had been the recent victim of a ransomware attack. In this notice, Akumin explains that the incident resulted in an ...
7 months ago Jdsupra.com
Cyber Insights 2023: Cyberinsurance - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. In 2022, Russia invaded Ukraine with the potential for more serious and more ...
1 year ago Securityweek.com
Guardians of Finance: loanDepot Confronts Alleged Ransomware Offensive - Among the leading lenders in the United States, loanDepot has confirmed that the cyber incident it announced over the weekend was a ransomware attack that encrypted data. In the United States, LoanDepot is one of the biggest nonbank mortgage lenders. ...
5 months ago Cysecurity.news
AvidXchange Notifies Consumers of Data Breach Following Period of Unauthorized Access - On October 13, 2023, AvidXchange, Inc. filed a notice of data breach with the Attorney General of Massachusetts after discovering that a recent cybersecurity event resulted in an unauthorized party being able to access the company's IT network. In ...
7 months ago Jdsupra.com
Dakota Eye Institute Files Notice of Data Breach Affecting More Than 107k Individuals - On October 23, 2023, the Dakota Eye Institute filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that patients' personal information was compromised following a cyberattack. ...
7 months ago Jdsupra.com
Panasonic discloses data breach after December 2022 cyberattack - Panasonic Avionics Corporation, a leading supplier of in-flight communications and entertainment systems, disclosed a data breach affecting an undisclosed number of individuals after its corporate network was breached more than one year ago, in ...
6 months ago Bleepingcomputer.com
Week in review: Terrapin SSH attack, Mr. Cooper breach - Creating a formula for effective vulnerability prioritizationIn this Help Net Security interview, Michael Gorelik, CTO and Head of Malware Research at Morphisec, provides insights into the business impact of vulnerabilities. EMBA: Open-source ...
6 months ago Helpnetsecurity.com
Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
7 months ago Bleepingcomputer.com
Proliance Surgeons Announces Cyber Attack Resulting in Data Breach - On November 21, 2023, Proliance Surgeons filed a notice of data breach with the Attorney General of Massachusetts after discovering that a February 2023 cyberattack enabled an unauthorized party to access the company's computer network. In this ...
7 months ago Jdsupra.com
Texas Retina Associates Notifies Nearly 300k People of Recent Data Breach - On June 26, 2024, Texas Retina Associates filed a notice of data breach with the Attorney General of Texas after discovering that confidential information that had been entrusted to the company was subject to unauthorized access. In this notice, ...
1 week ago Jdsupra.com
Mr. Cooper breach exposes sensitive info of over 14 million customers - Mortgage company Mr. Cooper has confirmed that personal information of over 14.6 million customers has been exposed in its October 2023 data breach. The company immediately started an investigation, contacted the authorities, shut down its systems, ...
6 months ago Helpnetsecurity.com
Welltok Data Breach: 8.5M US Patients' Information Exposed - In a recent cybersecurity incident, Welltok, a leading healthcare Software as a Service provider, reported unauthorized access to its MOVEit Transfer server, affecting the personal information of approximately 8.5 million patients in the United ...
6 months ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)