Connect with us

Hi, what are you looking for?

Business

Mortgage firm hit by cyberattack locking millions out of their accounts

These organizations contain customers’ sensitive banking and financial information, which positions them as a vulnerable sector for attacks.

As US inflation has soared to the highest levels in recent decades, the Federal Reserve has embarked on an aggressive campaign of interest rate hikes, with major impacts on mortgages
As US inflation has soared to the highest levels in recent decades, the Federal Reserve has embarked on an aggressive campaign of interest rate hikes, with major impacts on mortgages - Copyright PIB/AFP -
As US inflation has soared to the highest levels in recent decades, the Federal Reserve has embarked on an aggressive campaign of interest rate hikes, with major impacts on mortgages - Copyright PIB/AFP -

The latest data breach to hit the headlines is the disclosure of the loanDepot ransomware attack, a cyber-incident impacting 16.6 million customers. Consequently, many customers have said they have been unable to make payments or access their online accounts since the incident.

While loanDepot has yet to detail the type of personal data stolen, the number of individuals impacted makes this the most widespread compromise of customer data in the real-estate sector spree.

Considering the main issues for Digital Journal is Andrew Costis, Chapter Lead of the Adversary Research Team at AttackIQ and from Nick Tausek, Lead Security Automation Architect at Swimlane.

Beginning with Costis, the analyst recounts the recent issue: “Mortgage lender loanDepot disclosed that a ransomware attack earlier this month resulted in the disclosure of 16.6 million customers’ sensitive data. After the incident, systems, including the servicing customer portal, MyLoanDepot, were moved offline. Customers are still struggling to make mortgage payments online.”

In terms of the general issue, Costis points out how: “Non-banking financial institutions continue to be a target for ransomware attacks. Organizations that manage the sensitive banking and financial information of millions of individuals must prioritize a threat-informed cybersecurity posture.”

There are measures that can be taken to minimise the impact of such attacks. According to Costis these include: “By testing one’s defenses against specific tactics, techniques, and procedures (TTPs) used by threat actors, organizations can emulate attacks to evaluate and adapt to any potential weaknesses. This will allow for a more proactive approach.”

Tausek adds further detail to the incident: “The attack, which occurred on January 6 2024, disrupted the servicing customer portals, leaving customers unable to make payments or access online accounts.”

Tausek calls out mortgage service providers as being particularly vulnerable, noting how these institutions continue to be a target for threat actors. As an example, Tausek cites: “In November, mortgage giant Mr. Cooper disclosed a cyberattack that breached nearly 15 million customers’ sensitive data. These organizations contain customers’ sensitive banking and financial information, which positions them as a vulnerable sector for attacks, highlighting the need for a more comprehensive security strategy.”

As to the appropriate types of measures that can be adopted to help to bolster defences, Tausek recommends: “Organizations should prioritize a preventative security approach to fortify defenses against ransomware threats and data breaches.”

The advantages are: “Implementing security automation allows organizations to enhance operational flexibility and create an efficient incident response in real time. Automating and standardizing these processes improves response time and comprehension against these evolving threats.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Entertainment

"The Lord of the Rings" returns to the big screen this month with a new Japanese anime-style movie.

Life

Many criminals create convincing websites that mimic legitimate travel booking platforms.

Entertainment

Australian artist Ruel released his new collection "Made it even more awkward" via Giant Music.

Entertainment

Producer Brian Nolan chatted about "The Merry Gentlemen" on Netflix, with a little help from Gizmo.