MIAC Analytics revealed it was the victim of a data breach in April, one of several mortgage players to
It's unclear how many clients were impacted by the incident at
"MIAC determined that in connection with this incident there was unauthorized access to certain systems in its environment, and as a result, certain data stored on MIAC's systems was subject to unauthorized acquisition," the company said in a consumer notice filed with cybersecurity firm IDX.
But Freedom Mortgage was affected as it revealed in a disclosure to the Indiana state attorney general that 592 of its customers had undisclosed information compromised. A limited amount of the lender's past data was in MIAC's database and may have been compromised, a company spokesperson said on Friday, who emphasized Freedom's systems hadn't been breached, and that the company had used MIAC several years ago.
A representative for MIAC declined to comment Friday. The cyberattack was described in a letter to consumers shared with the Massachusetts Office of Consumer Affairs and Business Regulation, and in the IDX announcement.
There was no evidence of identity theft or fraud, MIAC said. The firms offered affected consumers 12 to 24 months of complimentary credit monitoring from IDX.
MIAC doesn't appear to have been disrupted further, and has since regularly announced loan sales on behalf of its mortgage clients.
That revelation comes after another lender, the mortgage arm of Cornerstone Capital Bank, said its customers were affected by an attack in February at one of its service providers. Houston-based Cornerstone Home Lending said 15,042 of its clients had information compromised, according to a notice to the Indiana state attorney general in March.
"Our investigation determined that the service provider stored Cornerstone data that includes your name, address, loan number and bank account number," wrote Toby Wells, president of the Loan Servicing Division, in a letter shared with the same Massachusetts office.
Representatives for Cornerstone didn't return requests for comment this week.
The attack was perpetrated by Russian-linked ransomware gang Clop, according to
Carrington Mortgage Services meanwhile faces accusations of negligence from consumer plaintiffs in three federal lawsuits
The hacks at Alvaria in November and March impacted at least 50,690 clients, the companies said in disclosures to state attorneys general. It's unclear which customers were affected in each incident, but Social Security numbers were among compromised data.
The lawsuits include estimates of the number of customers impacted, ranging from over 685,000 to more than 3 million clients. Neither attorneys nor the companies in the cases didn't respond to requests for comment Friday.
The complaints