Finance & Banking , Incident & Breach Response , Industry Specific

Mr. Cooper Hacking Incident Affects Data of 14.7 Million

Data Stolen From Mortgage Lender Includes Bank Account Numbers
Mr. Cooper Hacking Incident Affects Data of 14.7 Million
Hackers stole the bank information of Mr. Cooper mortgage lendees. (Image: Shutterstock)

A late October hacking incident at mortgage lender Mr. Cooper affected 14.7 million individuals, the Texas company disclosed Friday.

See Also: Strengthening Operational Resilience in Financial Services

The incident triggered a four-day shutdown of corporate systems and a suspension in lending. The company manages approximately $937 billion in loans and more than 4.3 million customers. In breach notifications being sent to affected individuals, the non-bank lender said stolen information includes names, Social Security numbers, birthdates and bank account numbers.

Hackers gained access on Oct. 30 and were ejected on Nov. 1.

In a filing with federal regulators, Mr. Cooper estimated the incident will cost $25 million, up from a previous estimate of between $5 million to $10 million. The incident has not affected expectations for new loan income or revenue from servicing existing loans, it said.

Affected individuals include anyone with a mortgage serviced currently or previously by Mr. Cooper or one of its sister brands: RightPath Servicing, Rushmore Servicing, Greenlight Financial Services, and Champion Mortgage. Anyone who applied for a home loan is also swept up in the attack.

The incident came just as U.S. federal regulators have stepped up requirements for publicly traded companies and the non-banking financial sector entities to disclose security incidents. As of Monday, all publicly traded companies excepting small companies - who have an extra 180 days to comply - must disclose most "material cybersecurity incidents" within four business days of determining materiality (see: SEC Votes to Require Material Incident Disclosure in 4 Days).

The Federal Trade Commission in October imposed a new reporting mandate for nonbank financial institutions requiring them to report a data breach to the agency anytime a third party acquires without authorization the unencrypted records of at least 500 consumers. The mandate becomes effective on May 13 (see: FTC Expands Financial Data Breach Reporting Requirements).


About the Author

David Perera

David Perera

Editorial Director, News, ISMG

Perera is editorial director for news at Information Security Media Group. He previously covered privacy and data security for outlets including MLex and Politico.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.