Fairway Independent Mortgage Corp., one of the top 10 U.S. mortgage lenders, experienced a cyber attack in December, attributed to vulnerabilities within a vendor system. The breach, disclosed to the Massachusetts Office of Consumer Affairs and Business Regulation, involved unauthorized access to a third-party system utilized by Fairway. Despite prompt patch implementation and engagement of a third-party security firm for analysis, the breach compromised sensitive customer data, including names, Social Security numbers, and financial information.
The cyber attack affected 430 customers in Massachusetts, although the total number of individuals impacted nationwide remains undisclosed. Fairway responded by offering affected individuals free identity theft protection and credit file monitoring. This incident underscores the growing threat of cyber attacks in the mortgage industry, as other companies like Mr. Cooper Group and First American have also faced similar breaches, prompting concerns among industry executives and emphasizing the need for heightened security measures.
Mortgage executives express alarm over the frequency of cyber attacks targeting the industry, particularly servicers, and acknowledge the challenges in safeguarding vast amounts of customer data. Despite efforts to bolster cybersecurity, the motive behind the surge in attacks remains unclear. The incidents have placed the mortgage sector on high alert, prompting industry stakeholders to reassess security protocols and prioritize the protection of customer information in an increasingly digital landscape.