Mr. Cooper Data Breach Affects 14.7 Million – Mortgage Firm Shuts Down IT Systems

Written by Andrew Doyle

December 27, 2023

Mr. Cooper Data Breach Affects 14.7 Million – Mortgage Firm Shuts Down IT Systems

Mr. Cooper Data Breach has sent shockwaves amongst the cybersecurity community as the mortgage lending firm was forced to shut down its IT systems to prevent further damage.

Mr. Cooper mortgage lending firm based in Dallas, has issued data breach notifications to inform customers of the cyberattack that compromised the data of 14.7 million individuals who either currently or previously held mortgages with the company.

As one of the largest mortgage servicers in the United States, Mr. Cooper has a significant customer base and employs approximately 9,000 staff members. The company manages loans amounting to a substantial $937 billion.

Mr. Cooper Data Breach – Details

The breach was discovered on October 31, 2023, following a cyberattack that occurred on October 30, 2023. Mr. Cooper hackers compelled the firm to temporarily shut down all of its IT systems, including the online payment portal used for loan and mortgage payments.

Mr. Cooper Data Breach - Details

A week after disclosing the incident, Mr. Cooper confirmed that the attackers had accessed customer data. However, it was reassuringly stated that no financial information was compromised. The specific nature of the breached data is still under investigation as the company continues its efforts to address the situation.

Mr. Cooper has submitted a report to the Office of the Maine Attorney General, stating that the recent cyberattack has impacted a significant number of individuals, specifically 14,690,284 people.

Mr. Cooper Leaks – Data at Risk

The compromised information includes sensitive details such as full names, home addresses, phone numbers, Social Security Numbers (SSN), dates of birth, and bank account numbers.

This exposure of personal data poses a considerable risk to the affected individuals. They may become targets of phishing attempts, scams, and social engineering attacks.

Additionally, the leak of bank account numbers increases the potential for bank fraud and identity theft. Impacted individuals must remain vigilant and take appropriate measures to protect themselves from these potential threats.

“Upon learning of this incident, we immediately took steps to identify and remediate it, including locking down our systems, changing account passwords, and restoring our systems,” the breach notification reads.

“We initiated a detailed review to identify personal information contained in the impacted files as part of the incident.”

“We are monitoring the dark web and have not seen any evidence that the data related to this incident has been further shared, published, or otherwise misused.”

Users Advised to Stay Vigilant

To mitigate the impact of the Mr. Cooper Data Breach recipients are urged to maintain a high level of vigilance and exercise caution when dealing with unsolicited communications.

It is essential to remain cautious of suspicious emails, messages, or phone calls that may attempt to exploit the compromised information.

As a precautionary measure, Mr. Cooper mortgage is offering a 24-month identity protection service to assist affected individuals in safeguarding their identities.

Currently, no specific details regarding the type of cyberattack have been disclosed. Additionally, no ransomware groups have claimed responsibility for the Mr. Cooper Data Breach. The investigation is ongoing, and any significant updates regarding the nature of the attack will be communicated as appropriate.

This incident follows the recent First American Financial Hack that also forced the First American Financial Corporation to shut down their IT systems.

Related Articles

Stay Up to Date With The Latest News & Updates

Join Our Newsletter


Subscribe To Our Newsletter

Sign up to our weekly newsletter summarizing everything thats happened in data security, storage, and backup and disaster recovery

You have Successfully Subscribed!