Mr. Cooper is accusing its insurers of not indemnifying it for losses caused by a cyber attack that hit the nonbank's systems in late 2023 and shut operations down for almost a week.
Litigation filed by the company points to a total of $30 million in losses that have yet to be covered by its insurance partners.
This sum includes the cost "to restore its computer systems…which were a direct result of the criminal actions of the cyber hackers," litigation filed by Mr. Cooper in Texas federal court said.
The company also reveals in its suit that it paid a ransom to the hacker to regain full access to its systems.
Mr. Cooper's insurers, which it alleges "improperly denied coverage" are National Union Fire Insurance Company and Berkshire Hathaway Specialty Insurance.
The nonbank is suing for breach of contract, violation of both Texas insurance code and common law duty of good fair and fair dealing. National Union could not immediately be reached on Monday. Berkshire did not respond to a request for comment.
The nonbank's complaint filed Nov. 13 says that "at its most challenging time when Mr. Cooper expected support…National Union has stood out for its reprehensible conduct."
"It has reneged on its clearly bargained-for coverage and, worse, strung Mr. Cooper along for nearly a year with excessive information requests, all the while refusing to make any payments required towards Mr. Cooper's substantial and direct losses," the litigation alleges.
Out of almost $30 million, National Union agreed to cover $300,000, a denial of nearly 99% of Mr. Cooper's losses, documents show.
Berkshire, meanwhile, has taken no coverage position in response to the claim, and in so doing has also delayed payments required towards Mr. Cooper's substantial losses, litigation alleges.
Mr. Cooper purchased a tower of insurance for hybrid financial institutions bond/crime computer coverage applicable to the period of July 11, 2023 to July 11, 2024, it said in its complaint. The primary insurer of this tower is National Union and the first excess insurer is Berkshire.
The nonbank servicer and lender is seeking an awarding payment of damages in an amount no less than $15 million from both insurers, the complaint said.
The cyber attack, which leaked the
Additionally, a class action lawsuit has been lodged by borrowers impacted by the breach. An amended complaint for the
Since the breach, Kay Pollard, a current customer of Mr. Cooper has been "bombarded" with unauthorized activity on her credit report, which required her to repeat the process of freezing some of her accounts, she said. She —along with all 22 class members – also received a slew of spam emails, calls and text messages, which are believed to be affiliated with the breach.
Katy Ross, on the other hand, had $25,000 stolen from her Charles Schwab account by a bad actor in January 2024, a crime she linked to her personal identifiable information being compromised. After the theft, Ross reported the incident to the Federal Bureau of Investigation, but it remains unclear whether the stolen funds have been recovered.
Other plaintiffs, including Linda Hansen and Emily Burke, say, following the event in the fall, fraudsters have attempted to open up four and 11 credit cards in their name, respectively.
An
Mr. Cooper in turn disputes claims that the ransomware attack is
"There is absolutely no evidence that any of the personal identifiable information subject to the ransom attack is on the dark web," Mr. Cooper wrote in a filing dated Aug. 20. "Plaintiffs have not alleged any Article III injury sufficient to give them standing to state a claim."
The case is still pending as of mid-November.
