loanDepot, a major U.S. mortgage lender, has experienced a cyberattack that prompted the company to temporarily shut down its IT systems, causing disruptions in online loan payments. With a workforce of approximately 6,000 people and a loan portfolio exceeding $140 billion, loanDepot is one of the largest nonbank retail mortgage lenders in the United States. Customers faced issues accessing the payment portal, leading to inquiries on social media platforms, where loanDepot confirmed the cyber incident and assured customers that efforts were underway to restore normal business operations.
While specific details about the nature of the cyberattack remain undisclosed, the potential for a ransomware attack is suggested. Such an attack could involve threat actors stealing corporate and customer data, leveraging it to pressure the company into paying a ransom. The company’s acknowledgment of the incident disappeared from some social media platforms, but a consistent message persists on the servicing portal, informing users of ongoing disruptions.
Given loanDepot’s history of a disclosed data breach in May 2022, customers are cautioned to be vigilant against potential phishing attacks and identity theft, particularly considering the sensitive financial and personal information held by the mortgage lender.
The cyber incident follows a similar pattern seen in the mortgage industry, with Mr. Cooper experiencing a cyberattack in November 2023 and subsequently disclosing a data breach that exposed the personal data of 14.7 million customers. As loanDepot grapples with the aftermath of the cyberattack, concerns linger about the potential impact on customer data security and the measures the company will take to address the situation.
