Another top US mortgage firm hit by major cyberattack

Red padlock open on electric circuits network dark red background
(Image credit: Shutterstock/Chor muang)

Another day, another US mortgage giant cyberattack, as hackers have now disrupted loanDepot.

The company has notified its customers of some problems it was having via an X post that noted: "loanDepot is experiencing a cyber incident, which is affecting our phone lines. We are working diligently to return to normal business operations as soon as possible. We apologize for the inconvenience."

"loanDepot is experiencing a cyber incident. We have taken certain systems offline and are working diligently to restore normal business operations as quickly as possible,” it said in a separate announcement. "We are working quickly to understand the extent of the incident and taking steps to minimize its impact.”

Reader Offer: Save up to 68% on Aura identity theft protection

Reader Offer: Save up to 68% on Aura identity theft protection
TechRadar editors praise Aura's upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal. Save up to 50% today. 

 Preferred partner (What does this mean?) 

Was it ransomware?

BleepingComputer reports that in addition to the phone lines, customers were also unable to log into the payment portal and pay their loans.

To address the problem, loanDepot brought in “leading forensics experts” and has notified the police, it said. “We sincerely apologize for any impacts to our customers and we are focused on resolving these matters as soon as possible."

Other details about the attack are unknown at this time. We don’t know if this is a “simple” malware attack, or if it’s ransomware. We don’t know who the threat actors are, their motives, or whether they stole any sensitive information during the attack. Usually, companies would take their systems offline in case of a ransomware attack, and in such scenarios hackers usually steal user data, too.

As this is a mortgage company, the data could be highly sensitive, including financial and bank account information. Customers should be particularly wary of incoming email messages, as the potentially stolen information could be used in phishing and identity theft attacks.

loanDepot services loans in excess of $140 billion and employs some 6,000 people.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.