Another day, another US mortgage giant cyberattack, as hackers have now disrupted loanDepot.
The company has notified its customers of some problems it was having via an X post that noted: “loanDepot is experiencing a cyber incident, which is affecting our phone lines. We are working diligently to return to normal business operations as soon as possible. We apologize for the inconvenience.”
“loanDepot is experiencing a cyber incident. We have taken certain systems offline and are working diligently to restore normal business operations as quickly as possible,” it said in a separate announcement. “We are working quickly to understand the extent of the incident and taking steps to minimize its impact.”
Was it ransomware?
BleepingComputer reports that in addition to the phone lines, customers were also unable to log into the payment portal and pay their loans.
To address the problem, loanDepot brought in “leading forensics experts” and has notified the police, it said. “We sincerely apologize for any impacts to our customers and we are focused on resolving these matters as soon as possible.”
Other details about the attack are unknown at this time. We don’t know if this is a “simple” malware attack, or if it’s ransomware. We don’t know who the threat actors are, their motives, or whether they stole any sensitive information during the attack. Usually, companies would take their systems offline in case of a ransomware attack, and in such scenarios hackers usually steal user data, too.
As this is a mortgage company, the data could be highly sensitive, including financial and bank account information. Customers should be particularly wary of incoming email messages, as the potentially stolen information could be used in phishing and identity theft attacks.