LoanDepot's Recent Cyberattack Victims Soar to 17 Million Customers Having Their Data Stolen

The stolen data includes social security numbers.

LoanDepot has reportedly confirmed that nearly 17 million clients were affected by the data breach incident that occurred in January this year. According to the corporation, about 17 million consumers' personal information, including financial account numbers and social security numbers, was compromised.

When the corporation was hit by a ransomware attack from January 3 to 5, 2024, it first reported 16.6 million victims. The cyberattack prevented millions of LoanDepot customers from accessing their online accounts or making payments in the weeks that followed. According to LoanDepot's most recent filing, the number has risen to 16,924,071 customers' data being exposed as a result of the incident.

(Photo: THOMAS SAMSON/AFP via Getty Images)
An agent of the operational center of the French National Cybersecurity Agency (ANSSI) checks datas on a computer in Paris on November 24, 2022.

The massive loan and mortgage provider stated that names, dates of birth, email and postal addresses, financial account numbers, social security numbers, and phone numbers are among the stolen LoanDepot client data.

LoanDepot has not stated if the cyberattack will materially affect the company's financial situation since its most recent regulatory report.

In light of the accident, the business is providing customers with 24 months of credit monitoring and identity protection services from a top identification monitoring service, free of charge by Experian. These programs are stated to assist in identifying potential abuse of customers' data and offer customers identity security assistance that is concentrated on locating and stopping identity theft.

Customers are asked to enroll in the credit monitoring and identity protection services on or before May 31, 2024, as the complimentary 24-month membership will expire after the said date.

Cyberattacks Against Lending Firms

The second-biggest nonbank retail originator and the fifth-largest retail mortgage lender in the country, LoanDepot is reportedly headquartered in Irvine, California, it provides services to around 27,000 clients each month.

This is the most recent in a string of cyberattacks aimed at businesses involved in mortgages. LoanDepot disclosed a data breach that happened in August 2022 last May. A few months prior, Mr. Cooper, a mortgage broker with over 14 million clients, was the victim of a similar attack.

Additionally, in November and December of last year, ransomware assaults were reported by title insurance companies First American and Fidelity National Financial.

Ransomware Gang Behind Data Breach

After adding LoanDepot to ALPHV's dark web leak site on February 16, the ALPHV/Blackcat ransomware group has taken credit for the LoanDepot's recent network breach, according to Bleeping Computer. However, the threat actors still need to provide evidence to support such claims. After failed negotiations, ALPHV intends to sell the stolen data from LoanDepot's network for free.

The State Department is offering up to $10 million for information leading to the identification or whereabouts of the ALPHV gang leaders. An additional $5 million in reward is available for information on those involved in or attempting to participate in ALPHV ransomware investigations.

In the four months that this gang operated, from November 2021 to March 2022, the FBI connected it to nearly 60 breaches that occurred across the globe. According to the law enforcement authorities, until September 2023, over 1,000 victims paid ALPHV a minimum of $300 million in ransom.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics