The hack exploited vulnerabilities in Planet Home Lending's information security systems purchased from technology firm Citrix Systems, the lender said last week in a notice to the Office of the Maine Attorney General. The breach occurred Nov. 15, 2023, and Planet Home Lending said it discovered the intrusion the same day.
"Planet was able to determine with reasonable certainty that the threat actor accessed a read-only data folder, in which copies of loan files containing personally identifiable information of some of its customers were stored," the firm said in a consumer notice dated Jan. 24.
The personally identifiable information compromised includes customers' names, addresses, SSNs, loan numbers and financial account numbers.
The lender said it doesn't anticipate paying a ransom to the culprit in accordance with industry guidance; a ransom demand was not specified. The November hack is unrelated to Planet Home Lending's exposure in a
Neither the company nor an attorney who filed the Maine disclosure responded to requests for comment Monday.
The Citrix vulnerability was first discovered in August and the tech firm began releasing software updates in early October,
Planet Home Lending said
The lender claims there's no evidence of misuse of data and is providing affected consumers 24 months of complimentary credit monitoring and identity theft protection services through Experian's IdentityWorks. It's also offering up to $1 million in identity theft insurance, underwritten by Assurant-operated American Bankers Insurance Company of Florida.
Planet Home Lending originated over $950 million in loan volume last year through September, according to data from S&P Global. The Meriden, Connecticut-based company ended last year with 179 sponsored mortgage loan originators, Nationwide Multistate Licensing System data shows, and 35 branches nationwide.
The recent disclosure represents yet another major breach on a mortgage player in the
Also recently disclosing data breaches in Maine's database were smaller lenders Premium Mortgage Corp. and United Home Loans. Premium, a Rochester, New York-based lender, said 10,835 clients were affected in an August hack; Western Springs, Illinois-based United said the PII of 5,324 customers was compromised in a March 2023 incident.