Mortgage giant Mr. Cooper confirms hackers stole details of 14 million customers

A digital padlock on a blue digital background.

(Image credit: Shutterstock / vs148)

Mortgage giant Mr. Cooper has revealed more details on the effects of the cyberattack it suffered in late October, confirming that millions of its customers have had their data stolen.

The company has filed a report with Maine’s attorney general office in which it confirmed the hackers stole identity data belonging to more than 14.6 million customers.

The data that was taken includes customer names, addresses, dates of birth, phone numbers, Social Security Numbers, and bank account details - although fortunately, further banking information seems to be unaffected, as it was being held elsewhere.

No confirmation of ransomware attack

Simultaneously, Mr. Cooper has notified the affected customers via an email in which it stated that the stolen data included personal information on the people whose mortgage was previously acquired, or serviced, while the company was called Nationstar Mortgage. Customers whose mortgages were serviced by a sister brand were most likely also affected, it added.

The company initially declined to confirm or deny whether it had been hit by a ransomware attack, but while investigating the breach, the firm advised customers to monitor their financial accounts and credit reports, and offered complimentary credit monitoring services in due course, as well as promoting other basic online cybersecurity measures, including changing passwords.

The lender said that customers’ rates and fees will not be impacted by the incident and that it’s “actively working to resolve the issue and restore [its] systems as soon as possible” to help customers close their loans on time.

The company, which has 4.3 million customers on the books according to its Q3 2023 financial report, is on track for reaching its $1 trillion target soon – it’s now managing $937 billion in loans.

In the filing, the company said the cyberattack will cost it at least $25 million.

Via TechCrunch

More from TechRadar Pro

Bad news - infamous Qbot malware appears to have returned once again
Here's a list of the best firewalls today
These are the best endpoint protection services right now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.