Mr. Cooper Data Breach has sent shockwaves amongst the cybersecurity community as the mortgage lending firm was forced to shut down its IT systems to prevent further damage.
Mr. Cooper mortgage lending firm based in Dallas, has issued data breach notifications to inform customers of the cyberattack that compromised the data of 14.7 million individuals who either currently or previously held mortgages with the company.
As one of the largest mortgage servicers in the United States, Mr. Cooper has a significant customer base and employs approximately 9,000 staff members. The company manages loans amounting to a substantial $937 billion.
Mr. Cooper Data Breach – Details
The breach was discovered on October 31, 2023, following a cyberattack that occurred on October 30, 2023. Mr. Cooper hackers compelled the firm to temporarily shut down all of its IT systems, including the online payment portal used for loan and mortgage payments.
A week after disclosing the incident, Mr. Cooper confirmed that the attackers had accessed customer data. However, it was reassuringly stated that no financial information was compromised. The specific nature of the breached data is still under investigation as the company continues its efforts to address the situation.
Mr. Cooper has submitted a report to the Office of the Maine Attorney General, stating that the recent cyberattack has impacted a significant number of individuals, specifically 14,690,284 people.
Mr. Cooper Leaks – Data at Risk
The compromised information includes sensitive details such as full names, home addresses, phone numbers, Social Security Numbers (SSN), dates of birth, and bank account numbers.
This exposure of personal data poses a considerable risk to the affected individuals. They may become targets of phishing attempts, scams, and social engineering attacks.
Additionally, the leak of bank account numbers increases the potential for bank fraud and identity theft. Impacted individuals must remain vigilant and take appropriate measures to protect themselves from these potential threats.
“Upon learning of this incident, we immediately took steps to identify and remediate it, including locking down our systems, changing account passwords, and restoring our systems,” the breach notification reads.
“We initiated a detailed review to identify personal information contained in the impacted files as part of the incident.”
“We are monitoring the dark web and have not seen any evidence that the data related to this incident has been further shared, published, or otherwise misused.”
Users Advised to Stay Vigilant
To mitigate the impact of the Mr. Cooper Data Breach recipients are urged to maintain a high level of vigilance and exercise caution when dealing with unsolicited communications.
It is essential to remain cautious of suspicious emails, messages, or phone calls that may attempt to exploit the compromised information.
As a precautionary measure, Mr. Cooper mortgage is offering a 24-month identity protection service to assist affected individuals in safeguarding their identities.
Currently, no specific details regarding the type of cyberattack have been disclosed. Additionally, no ransomware groups have claimed responsibility for the Mr. Cooper Data Breach. The investigation is ongoing, and any significant updates regarding the nature of the attack will be communicated as appropriate.
This incident follows the recent First American Financial Hack that also forced the First American Financial Corporation to shut down their IT systems.
