Mortgage and loan giant Mr. Cooper confirms cyberattack
Mr. Cooper, a mortgage and loan giant with more than four million clients, has confirmed that its customer data was exposed during a recent cyberattack.
In an update on its website, Mr. Cooper said it was still investigating what type of data may have been compromised. However, it still isn’t clear what type of cyberattack hit the company’s systems.
“Mr. Cooper does not store banking information related to mortgage payments on our systems. This information is hosted with a third-party provider and, based on the information we have to date, we do not believe it was affected by this incident,” said the firm.
“As a result, we do not believe that any of our customers’ banking information related to mortgage payments was impacted.”
Mr. Cooper plans to mail notices to customers affected by the October 31st attack in the coming weeks. Clients will also be provided with complimentary credit monitoring services.
Two days after the cyberattack, the company disclosed it in a regulatory filing and said it immediately shut down its systems to limit its impact. The cyberattack and its aftermath disrupted loan payments and other transactions for millions of customers.
Several Mr. Cooper customers have complained online about not being able to log into their accounts or get large payments confirmed. The company said in the notice that it was working to “get everything updated as soon as possible.”
The Federal Trade Commission recently finalized a rule requiring nonbank financial institutions to notify the agency within 30 days of a data breach affecting 500 or more customers.
Samuel Levine, the director of the commission’s Bureau of Consumer Protection, said the disclosure requirement would “provide companies with additional incentive to safeguard consumers’ data.” The requirement takes effect in 2024.