Cyberattack takes down one of the largest mortgage lenders in the US

ransomware avast
(Image credit: Avast)

Mr. Cooper, a major mortgage lender in the United States, has suffered a serious cyberattack which forced it to pull some of its systems and endpoints offline. As a result, customers were unable to pay their mortgages or loans.

In an announcement published on the Mr. Cooper website, it was said that the company became aware of the attack on October 31, and took “immediate action” to secure customer data. That action included locking some systems down, which still remain locked at press time. 

While the company did not specifically state this was a ransomware attack, companies that are forced to shut some systems down usually tackle that particular threat. It did say that it is “actively investigating” if any data has been compromised.

No penalties

Soon after, the company told BleepingComputer that it “began notifying customers about the incident”, suggesting that some data theft might have occurred. In any case, customers should be extra careful when receiving emails or text messages from anyone claiming to be a Mr. Cooper employee. 

As its services are currently offline, and people are unable to meet their obligations, some are worried that they will be penalized for being late with their payments.

“Rest assured, you will not incur any fees, penalties, or negative credit reporting related to late payments as we work to fix this issue,” Mr. Cooper’s announcement further stated.

Right now, there seems to be no other way to process the payments. “If you use ACH, your payment will be processed as soon as our systems are operational and you will receive a notification,” the company concludes. “You do not need to do anything.”

Mr. Cooper, previously known as Nationstar Mortgage LLC, is a mortgage lending company with more than four million customers. It employs some 9,000 people and services loans of $937 billion.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.