Large data breaches reported by multiple mortgage firms

In the past month, a number of mortgage firms have disclosed cyberattacks affecting a combined hundreds of thousands of customers, amid reports of rising industry fraud risk.

Lender American Financial Resources reported a data breach affecting 216,645 borrowers in March, according to a disclosure with the Indiana Attorney General’s Office. The Parsippany, New Jersey-based company identified suspicious activity in December and determined files including information such as social security numbers were accessed without authorization between Dec. 6, 2021 and Dec. 20, 2021.

The firm offered affected customers complimentary one-year Kroll credit monitoring and identity theft protection services. It also implemented additional security measures including a new endpoint detection and response tool, according to public notices.

“AFR has taken steps to enhance its existing cybersecurity measures following the incident and will continue to look for opportunities to implement additional enhancements as part of its ongoing commitment to cybersecurity,” said Bill Packer, AFR executive vice president and chief operations officer, in a statement.

It’s the largest publicly-disclosed mortgage data breach since Lakeview Loan Servicing’s March admission of a cyberattack impacting more than 2.5 million borrowers. Another servicer, Pingora Loan Servicing, disclosed a potentially far-reaching data breach impacting at least 169,000 customers according to notices filed with Iowa, Montana, Texas and Washington. An unauthorized person gained access to Pingora’s file storage servers between Oct. 27 and Dec. 7, 2021 and compromised information including names, addresses, loan numbers and social security numbers.

In addition to AFR, four lenders and a title company reported in the past two months breaches as far back as 2020, impacting a combined thousands of customers, according to Indiana public records. Cyberattacks impacted as few as 530 customers at one firm and as much as 7,491 at another, according to public notices, which didn’t elaborate on the type of incident.

Also, Maryland-based Certified Title Corporation disclosed last month that 10,624 of its customers were impacted by the massive Cloudstar ransomware attack last summer. Representatives for companies reporting data breaches didn’t respond to requests for comment Monday.

The revelations come after reports of increased fraud, with suspicious activity report filings rising sharply in 2021, according to the Treasury Department’s Financial Crimes Enforcement Network. A Q1 2022 analysis from fraud prevention software provider FundingShield found elements of wire or title fraud risk in one out of every three transactions. It found wire errors and perpetuated fraud instances elevated in around 6% of transactions.

The disclosures also come in the wake of President Biden’s signing of the $1.5 trillion omnibus spending bill, which includes new requirements for banks and other institutions to report significant cyber incidents to the government within 72 hours of determining their significance.

For reprint and licensing requests for this article, click here.
Fraud Cyber security Industry News
MORE FROM NATIONAL MORTGAGE NEWS