LoanDepot Says 16.9 Million Customers Impacted by January Data Breach

LoanDepot said Friday (Feb. 23) that a data breach that impacted the company in January affected 16.9 million customers.

In the breach that occurred Jan. 3 through Jan. 5, hackers acquired names or other personal identifiers in combination with Social Security numbers, the financial services company said in a Friday filing with the Office of the Maine Attorney General.

The personal information acquired by the unauthorized third party may have included names, addresses, email addresses, financial account numbers, Social Security numbers, phone numbers and dates of birth, loanDepot said in a notice of data breach attached to the filing.

The company said in the letter that it identified the breach Jan. 4.

“We promptly took a series of steps to contain the incident, remediate the issue and contact law enforcement,” loanDepot said in the notice of data breach. “We also launched an investigation of the incident, working with outside forensics and cybersecurity experts, to identify whether your information may have been accessed and to further secure our systems.”

The company said in the letter that it found no evidence that the information was used for fraud, but that it is offering two years of identity protection services and credit monitoring at no charge.

The number of consumers affected by the incident — 16.9 million — is higher than the “approximately 16.6 million individuals” loanDepot mentioned in a Jan. 22 press release.

The company initially announced the cybersecurity incident Jan. 8, saying it had taken certain systems offline and was working to restore normal business operations.

It was reported Jan. 19 that loanDepot customers said on social media and forums that they had been unable to access their online accounts, submit mortgage payments or close deals.

According to a page devoted to cyber incident updates on the loanDepot website, the company said four of the affected portals and websites went back online Jan. 18, and another portal and mobile app was again fully operational on Jan. 19.

“Unfortunately, we live in a world where these types of attacks are increasingly frequent and sophisticated, and our industry has not been spared,” loanDepot CEO Frank Martell said in the company’s Jan. 22 press release about the incident.