As mortgage lender LoanDepot continues recovery efforts from a ransomware attack, it revealed on Monday that hackers stole data from more than 16 million customers. A Securities and Exchange Commission filing from the mortgage lender did not detail what kind of information the hackers breached, only that "an unauthorized third party gained access to sensitive personal information."
LoanDepot first revealed it has fallen victim to attack on January 8. The company took some IT systems offline, but it faced a slow recovery. Customers took to social media to complain payment issues, struggles to access their accounts and even trouble closing deals on mortgages. By Friday, about two weeks since LoanDepot first came forward about the incident, systems like customer portals and other internal sites returned back online. It appears that LoanDepot fell victim to a ransomware attack, where hackers demand money in exchange for access or information, according to reporting from TechCrunch.
"Unfortunately, we live in a world where these types of attacks are increasingly frequent and sophisticated, and our industry has not been spared. We sincerely regret any impact to our customers,” LoanDepot CEO Frank Martell said in a statement.
Still, the true aftermath of the attack is still coming to light. LoanDepot did not provide additional comment, or explain what types of sensitive information may have been revealed. It did say it would offer free credit monitoring and identity protection services to impacted customers. Notably, three other major financial institutions — Mr. Cooper Group, Fidelity National Financial, First American Financial — have also been hit by cyberattacks in recent months.