Mortgage and non-mortgage lending firm LoanDepot has fallen victim to a ransomware attack that resulted in system disruptions.
“The company has determined that the unauthorized third party activity included access to certain company systems and the encryption of data,” LoanDepot said in a Form 8-K filing with the Securities and Exchange Commission (SEC).
The Irvine, California-based nonbank holding company also said that it immediately took steps to contain the incident, launched an investigation into the matter, and started notifying regulators and law enforcement.
“The company shut down certain systems and continues to implement measures to secure its business operations, bring systems back online and respond to the incident,” LoanDepot said.
The SEC filing, however, does not provide details on whether any personal information might have been compromised during the attack.
“The company will continue to assess the impact of the incident and whether the incident may have a material impact on the company,” LoanDepot said.
SecurityWeek has not yet seen any known ransomware gang claiming responsibility for the attack.
LoanDepot is the second mortgage firm in the US to fall victim to a cyberattack over the past two months, after Mr. Cooper experienced a data breach impacting 14.7 million individuals.
In late December 2023, LoanCare, which provides loan subservicing for mortgage loaners, announced that more than 1.3 million individuals were impacted by a data breach after its parent company Fidelity National Financial (FNF) fell victim to a ransomware attack.
“We’re only three weeks into the new SEC mandate and we’re already hearing of the first publicly traded company to disclose a cyber incident,” Reco.AI co-founder and chief product officer Gal Nakash told SecurityWeek in an emailed comment.
“When it comes to security incidents, speed is key. For that reason, it is imperative for organizations today to have the ability to set alerts for malicious and unknown IPs in order to quickly identify, respond, and remediate risk in a timely manner. With adversaries constantly looking for gaps in security postures, regular audits and proactive maintenance are crucial to detecting and fixing misconfigurations, significantly reducing the attack surface,” Nakash added.
Related: Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack
Related: Yamaha Motor Confirms Data Breach Following Ransomware Attack
Related: TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant