The Future Is Here
We may earn a commission from links on this page

Huge Mortgage and Loan Company Suffers Data Breach Impacting 14 Million People

Public filings show that a wealth of personal data points were stolen during the breach.

We may earn a commission from links on this page.
Image for article titled Huge Mortgage and Loan Company Suffers Data Breach Impacting 14 Million People
Photo: Casimiro PT (Shutterstock)

If you’ve ever bought a home with the help of the mortgage and loan firm Mr. Cooper, there’s a good chance that your personal information has been stolen by cybercriminals.

TechCrunch first reported that Mr. Cooper suffered a pretty catastrophic data breach in October, the likes of which impacted as many as 14.6 million people.

Advertisement

Mr. Cooper, formerly Nationstar Mortgages, is considered one of the largest mortgage and loan companies in the country. The firm, which was founded in 1994, currently handles home ownership services for some 4 million people, according to its website. However, the cyberattack the company recently experienced seems to have impacted not just current but also former customers. The company said, in a filing with the Securities and Exchange Commission, that the breach had impacted “all of our current and former customers.” A separate filing says the total number impacted includes over 14 million people.

Advertisement

What customer information was compromised in the breach? In its own words, Mr. Cooper says that the breach included a wealth of customer data points, including their “name, address, phone number, Social Security number, date of birth, bank account number.”

Advertisement

In its data breach filing with the Maine attorney general’s office, Mr. Cooper noted that malicious actors appeared to have been inside its systems for a couple of days before company authorities caught on to the intrusion.

“Through our investigation, we determined that there was unauthorized access to certain of our systems between October 30, 2023, and November 1, 2023. During this period, we identified that files containing personal information were obtained by an unauthorized party.” Additional details about the attack haven’t been shared at this time.

Advertisement

When reached for comment by Gizmodo, a Mr. Cooper representative shared a short statement from Jay Bray, Chairman and CEO of the Mr. Cooper Group: “We take our role as a mortgage company very seriously, and there is nothing more important to us than maintaining our customers’ trust. I want you to know how sorry I am for any concern or frustration this may have caused. Making the homeownership journey as smooth as possible is our top priority, and we intend to make this right for our customers.”

A statement about the breach on the company’s website says that is offering two years of free credit monitoring and identity protection services to impacted customers. “We will be directly notifying customers and providing them with enrollment instructions for the free identity protection services,” the statement reads.