Article Details

Mortgage giant Mr. Cooper says customer data exposed in breach. Mr. Cooper, the largest home loan servicer in the United States, says it found evidence of customer data exposed during a cyberattack disclosed last week, on October 31. The mortgage loan giant's notice says it's still investigating the nature of the compromised data and will provide affected customers with more information over the coming weeks. Mr. Cooper said the attackers could not access customers' financial information as the impacted systems did not store such data. "Please note that Mr. Cooper does not store banking information related to mortgage payments on our systems," the nonbank mortgage servicer said. "This information is hosted with a third-party provider and, based on the information we have to date, we do not believe it was affected by this incident. As a result, we do not believe that any of our customers' banking information related to mortgage payments was impacted." The company has not disclosed whether the attackers issued a ransom demand after last month's security breach. Mr. Cooper also urged customers to monitor their credit reports and bank accounts, with any signs of suspicious or unauthorized activity promptly reported to their bank. Individuals potentially affected by the incident were also advised to place a 'fraud alert' on their credit bureau files as a precautionary measure and to be alerted about any attempts to open new accounts using their Social Security number. Breach contained via IT shutdown The October 31 security breach forced the company to shut down IT systems, including access to phone lines, support chatbot, and the online payment portal. "We are experiencing a system/technical outage, and we hope to resolve this soon," a system outage banner on Mr. Cooper's website warned. "Customers trying to make payments will not incur fees or any negative impacts as we work to fix this issue. We apologize for any inconvenience this may cause and will continue to provide regular updates." ​Later that day, the company told BleepingComputer that the outage resulted from a cyberattack. It also promised not to charge any fees, penalties, or negative credit reporting related to late payments until it finished restoring impacted systems. Mr. Cooper, formerly Nationstar Mortgage LLC, is a mortgage lending company headquartered in Dallas, Texas, with around 9,000 employees. The home loan servicer says it has a customer base of 4.1 million and is managing loans totaling $937 billion, according to Q3 2023 results reported in October.