Mr. Cooper, the mortgage and loan giant, has confirmed that hackers have stolen the sensitive personal information of more than 14.6 million of its customers. The stolen data includes customer names, addresses, dates of birth, phone numbers, Social Security numbers, and bank account numbers.
Key Takeaway
Hackers have stolen sensitive personal information, including names, addresses, Social Security numbers, and bank account numbers, of more than 14.6 million Mr. Cooper customers. The company has estimated that the cyberattack will cost at least $25 million.
Extent of the Data Breach
In a filing with Maine’s attorney general’s office, Mr. Cooper revealed that the hackers obtained personal data on “substantially all of our current and former customers.” This number is significantly higher than the four million existing customers that Mr. Cooper claims on its website, due to the historical data stored on mortgage holders.
The stolen data includes personal information on customers whose mortgages were previously acquired or serviced by the company when it was known as Nationstar Mortgage, prior to its rebranding as Mr. Cooper. The company also stated that affected customers may include those whose mortgages were serviced by a sister brand.
Impact on Customers
Customers were initially informed on October 31 that the systems were offline due to an outage, which was later revealed to be related to the cybersecurity incident. This left customers unable to access their accounts or make mortgage payments.
Financial Implications
The company disclosed in its regulatory filing that the cyberattack will cost at least $25 million, up from an estimated $5 to 10 million. This increase is largely attributed to the expenses associated with providing identity protection to its current and former customers for two years.
