Almost 17 million LoanDepot customers had sensitive personal information, including Social Security numbers, stolen in a January ransomware attack, the company has confirmed.
The loan and mortgage giant company said in a data breach notice filed with Maine’s attorney general’s office that the stolen LoanDepot customer data includes names, dates of birth, email and postal addresses, financial account numbers, and phone numbers. The stolen data also includes Social Security numbers, which LoanDepot collected from customers.
The number of affected LoanDepot customers rose from 16.6 million as initially disclosed to federal regulators last month, which did not say what specific customer data had been stolen.
LoanDepot was hit by a cyberattack around January 8 that it described at the time as involving the “encryption of data,” or a ransomware attack. It’s not known if LoanDepot paid a ransom, nor would a company spokesperson say when previously asked by TechCrunch.
The cyberattack left LoanDepot’s millions of customers unable to make payments or access their online accounts in the weeks that followed.
LoanDepot was one of several loan and mortgage companies targeted by malicious hackers in recent months.
Mortgage and loan giant Mr. Cooper said hackers stole the personal information of more than 14 million customers during an October cyberattack, costing the company at least $25 million in additional costs. Weeks later, one of the largest U.S. home insurance providers Fidelity National Financial was hit by a ransomware attack in November, knocking the company offline for over a week.
Since its last regulatory filing, LoanDepot has not said whether the cyberattack will have a material impact on the company’s financial condition.
This story was originally published on January 22, 2024, and updated on February 26, 2024 with new information about what customer data was stolen.
Do you work at LoanDepot and know more about the incident? You can contact Zack Whittaker on Signal and WhatsApp at +1 646-755-8849, or by email. You also can contact us via SecureDrop.