On Monday, the massive mortgage and lending company LoanDepot said that it is the target of a cyberattack and is “working diligently to restore normal business operations as quickly as possible.”
The Irvine, California-based business stated that it has “taken certain systems offline” and is “working quickly to understand the extent of the incident and taking steps to minimize its impact” in a brief statement posted on its cybersecurity incident website.
In a document sent to federal regulators, LoanDepot acknowledged the intrusion and suggested that ransomware was likely involved by referring to the event as including the “encryption of data.”
According to the regulatory filing, “the company responded by shutting down certain systems and continuing to implement measures to secure its business operations, bring systems back online, and respond to the incident.”
A representative for LoanDepot, Jonathan Fine, responded to an email requesting comment via email, restating the firm’s position but declining to elaborate or clarify if the company has received a ransom demand from the hackers.
On its investor page, LoanDepot claims to have millions of clients. The client portals and other LoanDepot website sections are not working. Users may see a brief delay in viewing the posted payment in their payment history, according to an error message on a login page that TechCrunch witnessed. “Recurring automatic payments are processing as expected,” the message reads. You can use our contact center to pay by calling 866-258-6572 and chatting with a representative.
The intrusion at LoanDepot is the most recent in a string of attacks that have targeted the loan and mortgage sectors in recent months.
One of the biggest insurance companies in the US, Fidelity National Financial, was forced down for over a week due to a ransomware assault in November. The mortgage and lending business owner, Mr. Cooper, said in December that hackers had taken over 14 million clients’ personal information during an earlier October intrusion. According to Mr. Cooper, the event would result in at least $25 million in additional expenditures, the majority of which would go toward paying for the credit monitoring of its impacted clients.
Companies must notify regulators of cybersecurity events that might have a “material” “impact on their business under new breach reporting regulations that went into effect in December.
“We will continue to assess the impact of the incident and whether the incident may have a material impact on the company,” stated LonDepot in a regulatory filing.