Another top US mortgage firm reveals a major data breach, over a million customers affected

(Image credit: Shutterstock)

LoanCare suffered a data breach last month, which resulted in the theft of sensitive customer data, the insurance service company has confirmed.

Roughly 1.3 million people were affected by the breach, the company further explained, as hackers stole people’s full names, physical addresses, Social Security Numbers (SSN), and loan numbers. 

This information can be used in all kinds of cyberattacks, from phishing, to identity theft, and wire fraud. Users are advised to be wary of any incoming email messages, phone calls, or other forms of communication, in which people claim to be calling from LoanCare.

Reader Offer: Save up to 68% on Aura identity theft protection

Reader Offer: Save up to 68% on Aura identity theft protection
TechRadar editors praise Aura's upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal. Save up to 50% today. 

 Preferred partner (What does this mean?) 

Was it ransomware?

In a notification letter sent to affected individuals, Loancare revealed the breach is in connection to the cyber-incident that happened to its parent company, Fidelity National Financial, in mid-November 2023.

"On or about November 19, 2023, LoanCare, LLC ("LoanCare"), which performs or has performed loan subservicing functions for your mortgage loan servicer, became aware of unauthorized access to certain systems within its parent's, Fidelity National Financial, Inc. ("FNF"), information technology network," the company said in the letter.

To help protect its customers, LoanCare offered a two-year identity monitoring service through Kroll. It also notified relevant authorities and brought in third-party experts to analyze the breach and secure its infrastructure. 

In late November, news broke that Fortune 500 firm Fidelity National Financial suffered a cyberattack that forced it to take many of its services offline. The company did not specifically state the incident was a ransomware attack, but the way it responded suggested it just might have been.

The company filed a report with the U.S. Securities and Exchange Commission (SEC) which stated FNF discovered a security incident that “impacted certain FNF systems”. The company responded by notifying the police, investigating the matter, bringing in “leading experts”, and implementing “certain measures” of containment. Some of the measures, such as blocking access to different parts of the system, resulted in business disruptions.

Via BleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.