U.S. mortgage lending large Mr. Cooper was breached in a cyberattack that triggered the corporate to close down IT methods, together with entry to their on-line fee portal.
Mr. Cooper (beforehand Nationstar Mortgage LLC) is a mortgage lending firm based mostly out of Dallas, Texas, that employs roughly 9,000 folks and has 4.1 million prospects. The lender has turn into the nation’s largest servicer, servicing loans of $937 billion.
Yesterday, prospects reported that they may not log in to Mr. Cooper’s web site to pay their mortgages or loans. They had been as an alternative greeted with a message stating that the corporate was struggling a technical outage.
“We’re experiencing a system/technical outage, and we hope to resolve this quickly,” learn a discover on Mr. Cooper’s web site.
“Clients attempting to make funds won’t incur charges or any destructive impacts as we work to repair this situation. We apologize for any inconvenience this will trigger and can proceed to offer common updates.”
Supply: BleepingComputer
After contacting Mr. Cooper in regards to the outages allegedly brought on by a cyberattack, the corporate notified prospects as we speak that they suffered a cyberattack.
“On October 31, 2023, Mr. Cooper decided that the corporate had skilled a cybersecurity incident during which an unauthorized third occasion gained entry to sure expertise methods,” reads a discover of cyber safety incident on Mr. Cooper’s web site.
“Following detection of the incident, we initiated response protocols, together with deploying containment measures to guard methods and information and shut down sure methods as a precautionary measure.”
“An investigation has been launched, and we’re working to resolve the problem as shortly as attainable.”
Do you could have details about this or one other ransomware assault? If you wish to share the knowledge, you possibly can contact us securely and confidentially on Sign at +1 (646) 961-3731, through electronic mail at lawrence.abrams@bleepingcomputer.com, or by utilizing our ideas kind.
Clients attempting to make mortgage funds might be unable to take action whereas the methods are down.
Nevertheless, Mr. Cooper advised BleepingComputer that they’ve begun notifying prospects in regards to the incident and promise to not cost any charges, penalties, or destructive credit score reporting associated to late funds as they restore methods.
“Clients who’ve tried or have to make funds won’t incur charges, penalties or destructive credit score reporting as we work to resolve this situation,” Mr. Cooper advised BleepingComputer.
“We’re actively working to resolve the problem and restore our methods as quickly as attainable, and we’re dedicated to offering common updates at https://incident.Mr. Cooperinfo.com/.”
The corporate says they’re nonetheless investigating whether or not buyer information was stolen and can notify impacted prospects if any was uncovered through the assault.
Whereas Mr. Cooper has not disclosed whether or not it is a ransomware assault, it bears all of the indicators of being one.
If it seems this was a ransomware assault, then it’s probably that information was stolen for use as leverage to get Mr. Cooper to pay a ransom demand.
As Mr. Cooper holds delicate details about prospects, together with monetary info, prospects ought to be vigilant in opposition to potential phishing assaults and id theft.