One of the largest mortgage loan servicers in the U.S. said the information of nearly 14.7 million people was leaked during a previously reported cyberattack in October.
Mr. Cooper - which says it has more than 4.3 million customers and manages a servicing portfolio of $937 billion - filed breach notification documents with regulators in Maine and California on Friday.
The company did not say if it was a ransomware attack, nor did it respond to requests for comment.
The company has not shown up on any ransomware leak sites.
They are monitoring the dark web and have not seen evidence that the data stolen from their platforms has been shared or published.
Victims are offered two years of credit monitoring protections and a call line was created for this with questions.
The Texas-based mortgage giant was forced to offer customers alternate ways of paying off loans after the cyberattack on October 31.
The company is the largest nonbank mortgage servicer in the U.S, providing servicing and originations for homeowners throughout the country.
In November, customers attempting to log in to Mr. Cooper's website to pay their mortgages or loans were instead greeted with a message stating that the company was suffering a technical outage.
The company later reported that a cyberattack severely affected its systems, waiving late fees and other penalties associated with late payments.
The attack came one week after the Federal Trade Commission raised concerns about cyberattacks on non-bank financial institutions and approved a new rule that will make it mandatory for them to report data breaches and security events within 30 days.
Ransomware gangs have repeatedly targeted pain points in the financial industry throughout 2023.
Fidelity National Financial - a Fortune 500 provider of title insurance for property sales - was hit with ransomware last month, snarling home purchases across the U.S. for days.
Financial services giants like MeridianLink, Tipalti and Moneris have all reported incidents this fall.
One of the world's largest banks, ICBC, also announced a ransomware attack last month.
Jonathan has worked across the globe as a journalist since 2014.
Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia.
He previously covered cybersecurity at ZDNet and TechRepublic.
This Cyber News was published on therecord.media. Publication date: Mon, 18 Dec 2023 14:50:27 +0000