Mr. Cooper's cybersecurity incident triggers class action suits

It has been a little less than two weeks since Mr. Cooper announced it was hit by a cyberattack, which shut down its servicing systems and resulted in customer data leakage. Now the mortgage servicer is facing at least two class action lawsuits over the incident.

In one of the suits, filed in a Texas federal court on Nov. 10, the plaintiff claims Mr. Cooper "failed to comply with industry standards to protect information in its systems that contain [personal identifiable information]." Additionally, the litigation accuses the servicer of being negligent in providing "timely, accurate, and adequate notice" that consumer data was compromised.

The class, represented by Nancy Randall, wants Mr. Cooper to "fully and accurately disclose the nature of the information that has been compromised and to adopt reasonably sufficient security practices and safeguards to prevent incidents like this in the future."

Mr. Cooper declined to comment on the pending litigation.

Since the attack, the mortgage servicer has rebooted all of its systems and is "serving customers at full capacity," a company spokeswoman said in a statement Tuesday. 

As one of the largest servicers in the nation, Mr. Cooper has close to 4.3 million customers nationwide. Though it is uncertain how many customers were impacted by the cybersecurity breach, the class action suit claims that it was in the "millions." 

Randall received notice from Mr. Cooper that her private information was compromised on Nov. 2, two days after the breach took place, according to the suit. For her and those similarly situated "the delay in identifying and reporting the data breach caused harm…depriving them of the ability to promptly mitigate potential adverse resulting consequences." 

"The ramifications of the defendant's failure to keep PII secure are long lasting and severe. Once stolen, fraudulent use of that information and damage to victims may continue for years. Fraudulent activity might not show up for six to 12 months or even longer," court documents said.

In reaction to the company's data breach, some analysts moved to lower their fourth quarter estimates.

A note published by Keefe, Bruyette & Woods, Inc. predicted that Mr.Cooper's mortgage servicing earnings will likely drop into the $200 million to $210 million range, down from a previous estimate of $213 million. It expects the mortgage servicer to incur an additional $5 to $10 million of vendor costs in the quarter as a result of the attacks.

Investment bank BTIG also published a report Nov. 9 noting the breach wont "lead to a material outflow of servicing clientele…but it could slightly weaken the growth prospects we envisioned for next year."

Meanwhile, Moody's Investor Service wrote in a note that the magnitude of the attack might impact the lender's credit quality.

"The full impact of the event will depend on duration of the disruptions, ensuing potential reputational damage, and magnitude of the breach," wrote Stephen Lynch, vice president and senior credit officer for Moody's.

For reprint and licensing requests for this article, click here.
Industry News Law and legal issues Cyber security Servicing
MORE FROM NATIONAL MORTGAGE NEWS