8 cybersecurity developments in the mortgage industry

Complimentary Access Pill
Enjoy complimentary access to top ideas and insights — selected by our editors.

Cyberattacks are on the rise these days. Recent instances within the mortgage industry include Lakeview Loan Servicing discovering a data breach impacting more than two and a half million customers, while AFR reported more than 200,000 borrowers were affected by various extortion attacks.

Read our roundup for more on these stories and other cybersecurity developments impacting the industry.

p1ags121at3p2133ocp81uog1p4ik.jpg
Tomasz Zajda - Fotolia

Wire or title fraud discovered in 33% of transactions in the first quarter of 2022

With wire or title fraud discovered in 33% of transactions, according to a Q1 2022 analysis by fraud prevention software provider FundingShield, mortgage firms are closely monitoring the growing risk of fraud in the industry.

At American Financial Resources, for example, a recent data breach left more than 216,645 borrowers affected in March, according to a disclosure with the Indiana Attorney General’s Office.  In this case, the company identified suspicious activity in December and determined that information such as social security numbers were accessed.

“AFR has taken steps to enhance its existing cybersecurity measures following the incident and will continue to look for opportunities to implement additional enhancements,” said Bill Packer, AFR executive vice president and chief operations officer.

Read more: Large data breaches reported by multiple mortgage firms
cybersecurity.jpg

Panel of experts warn that precautions are key in fighting cyberfraud

The Colonial Pipeline hack last year and data breaches reported by five lenders and a title company are just two illustrations of the impact on both lenders and borrowers as of late. 

“There’s a false sense of security related to the fact that we have controls in place and therefore we are protected,” says Oleg Kolesnikov, vice president of threat research and detection at Securonix. “Controls often do not mean protection. Protection has to be validated and validated on a continuous basis.”

Awareness and precautions are key elements that can help mortgage companies prevent cyberattacks. Here are six aspects of cyber fraud that firms need to watch. 

Read more: How fraudsters target mortgage lending 
Concept on the real estate and evasion from taxes
SERGEY CHAYKO/Sergey Chayko - stock.adobe.com

Six indicted in Texas over wire fraud scheme

The U.S. Attorney’s Office for the Southern District of Texas indicted six co-conspirators for making false statements to a mortgage lending business and wire fraud, among other charges, in an ambitious mortgage fraud scheme. 

The defendants, two of whom remain at large, used false statements and documents to obtain properties in their clients’ names with the intention of building a multimillion dollar real estate portfolio. They each face 30 years in prison and $1 million in fines.

Read more: Mortgage broker wanted by feds for role in wide-ranging fraud 
Rent house
CenturionStudio.it - stock.adobe

Lakeview Loan Servicing reports data breach of 2.5 million users

An undetected cyberattack that leads to a data breach can cost a company more than the compromised personally identifiable information of more than two and a half million customers, as Lakeview Loan Servicing has found out. After discovering this at Lakeview, the company was hit with eight class action lawsuits.  

“This PII was compromised due to the defendant's negligent, careless and intentional acts and omissions and the failure to protect the PII of Plaintiff and Class Members,” wrote attorney Daniel Rosenthal of DBR Law in a complaint on behalf of one customer.

Lakeview declined to comment on the lawsuits, but issued a statement. “Like many other organizations, Lakeview experienced a security incident in 2021,” the statement said. “Steps were taken to immediately contain the incident and a thorough investigation was conducted. Lakeview’s operations were not disrupted.”

Read more: Mortgage servicer reveals data breach affecting 2.5 million users 
Ruble Sinks as Russia Isolated by Sanctions
Andrey Rudakov/Bloomberg

Analysts assess the Russian security threat

Federal officials have warned the mortgage industry to prepare for potential cyberattacks from Russia in the wake of the Russia-Ukraine war. While no mortgage data breach has been linked to Russian entities so far, the trillion-dollar mortgage industry could prove to be a tempting target.

“I don’t know if shutting someone’s mortgage operation down buys the Russian government a lot,” said  JT Gaietto, chief security officer at cybersecurity firm Digital Silence. “But from a monetization and defrauding perspective, it definitely buys the organized crime, oligarch section of the Russian populace some breathing room financially.” 

While the mortgage industry is not necessarily more at risk than other industries, experts advise that firms would be wise to bolster their cybersecurity defenses.

Read more: Russian threat keeps mortgage cybersecurity experts on alert 
cyber crime hacker typing on laptop
Benjamin Howell

Fraud attempts in 2021 averaged 1,431 per month

A cybersecurity incident is possible at any point during the mortgage process, from account creation to funds distribution. Nevertheless, many mortgage firms say they aren’t taking the necessary security precautions to prevent data breaches

“Many people in the industry don’t think that they’re susceptible, either because of their size, or because they outsource everything, or it’s not something they’ve thought about,” said Digital Silence Chief Security Officer JT Gaietto.

Approximately only half of respondents in a recent Arizent survey say they conduct self testing of their own IT infrastructure’s cybersecurity. But with a monthly average of 1,431 fraud attempts in 2021, firms need to do more self testing as well as take other cybersecurity precautions. 

Read more: As mortgage cyber threats evolve, more self-testing is needed 
Hacker from russia at work cybersecurity concept
Michael Borgers/beebright - stock.adobe.com

Cybercriminals are employing double and triple extortion attacks, experts say

More complex cybercrimes using double and triple extortion attacks to access and leverage personally identifiable information are the latest threats to the mortgage industry, with fintechs potentially more susceptible than others.

In these types of attacks on fintechs, cybercriminals hold companies for ransom, while simultaneously selling their information on the black market.

While fintechs have been recently targeted, cybersecurity professionals warn that all types of industry firms, including regular mortgage lenders of all sizes, servicers and title companies, are just as much under threat.

Read more: Are fintechs more vulnerable to complex cyberattacks? 
nmnmbaconferencetechpanel.jpg

Mortgage industry ‘tech debt’ worries industry experts

Mortgage companies using aging computer technology are more vulnerable to cyberthreats, according to a panel of industry leaders at the MBA’s recent Secondary Markets Conference in New York City.

Firms acknowledge that the issue, known as tech debt to industry professionals, is a problem and that they have a major decision to make: build their own loan origination and sales software or purchase it instead. 

Jason Doshi, CEO and co-founder of Paymints.io, a firm which facilitates digital fund transfers, put it succinctly. “Implementing a technology stack, you know, it's a decision of buy versus build,” he said.

Read more: Experts call ‘tech debt’ a significant cyber vulnerability 
MORE FROM NATIONAL MORTGAGE NEWS