Mortgage giant Mr. Cooper is sending notification letters to 14.7 million individuals to inform them that their personal information was stolen in a recent cyberattack.
The incident was identified on October 31, resulting in certain systems being taken down, including those used for processing customer payments, the company announced in early November.
On December 15, Mr. Cooper started notifying customers that, between October 30 and November 1, the attackers had access to certain systems and exfiltrated files containing customer personal information.
In the notification letter sent to the impacted individuals, a copy of which was submitted to the Maine Attorney General's Office, Mr. Cooper says that the compromised personal information includes names, addresses, dates of birth, phone numbers, Social Security numbers, and bank account numbers.
Mr. Cooper says it has fully restored the systems that were locked down following the attack, and that it is monitoring the dark web to see if the stolen data is being shared by the attackers.
The company says it has no evidence at this time that the stolen information was misused for fraud or identity theft, but it is providing identity protection and credit monitoring services to the impacted individuals and encourages them to enroll.
Mr. Cooper has not provided specific details on the type of cyberattack it has suffered, but taking systems offline is the typical response to a ransomware attack.
To date SecurityWeek has not observed any ransomware gang taking responsibility for the incident.
This Cyber News was published on www.securityweek.com. Publication date: Tue, 19 Dec 2023 11:43:04 +0000