Mortgage lender Cooper has admitted that a previous IT security breach stole the personal information of around 14.7 million people, including addresses and bank account numbers, and that cleaning it up will cost at least $25 million. It is expected that
The company disclosed the network intrusion in October, but initially said the “isolated” incident “did not impact the systems or technology of our customers or partners.”
In the notice filed in each state of the United States: California and maine On Friday, the mortgage giant revealed that the scope of the cyberattack was far worse than it had thought. Very personal records belonging to millions of people were stolen by one or more criminals.
“The investigation revealed that some of our systems were compromised between October 30, 2023 and November 1, 2023,” the notice said. [PDF] Sent to 14,690,284 people. “During this period, we have confirmed that files containing personal information were obtained by an unauthorized party.”
This personal information includes people’s names, addresses, phone numbers, social security numbers, dates of birth, and bank account numbers.
Affected are those who may have previously had a mortgage loan obtained or serviced by Mr. Cooper, Nationstar Mortgage LLC, Centex Home Equity, or another sister brand or service partner. . People who previously applied for home loans with these financial institutions may also be affected. Mr. Cooper, formerly known as Nationstar, is based in Texas.
The company says it has found no evidence that this data was used for identity theft or fraud, but Cooper said thieves may have shared, leaked or otherwise misused the stolen files. He said he will continue to monitor the dark web for evidence that there is. Additionally: All affected individuals will receive 24 months of free credit monitoring.
When asked about the breach, a spokesperson for Mr. Cooper said: register to statement on Biz’s website.
“We take our role as a mortgage lender very seriously, and nothing is more important to us than maintaining the trust of our customers,” CEO Jay Bray said in a statement. Ta. “I want you to know how sorry I am for the concern and frustration this has caused.”
In addition to mailing data breach notifications to millions of people, Cooper on Friday Update Form 8-K Reported to the U.S. Securities and Exchange Commission, reporting higher-than-expected costs related to digital intrusions.
“Our forensic investigation, collaboration with law enforcement and regulators, and litigation defense are ongoing,” the industry said, adding that the company is offering free privacy services to customers whose data may have been stolen. He added that he is currently working on this.
“We are updating our guidance for fourth quarter vendor costs related to incidents to $25 million ($5 million to $10 million), which includes accruals for the cost of providing privacy services over a two-year period. ”, the application states. ®