loanDepot, one of America’s largest non-bank retail mortgage lenders have recently suffered a cyber-attack. What have we learnt from the cyber attacks in the recent past, and whether those learnings are being implemented at a mass scale, given the nature of threat, seems to have no answers? Detailing, clarity, response, rectification, learning and implementation is the preferred work design. Given the current scheme of things; the likelihood is as thin, as it can be. Relevant recent history is fascinating. Last May, loanDepot had disclosed a data breach. This was an outcome of a cyber-attack in August 2022, which exposed customer data.
The history is even crazier. In the same industry, mortgage lending giant Mr. Cooper suffered a cyber attack in November 2023. A month later Mr. Cooper disclosed a data breach. The disclosure confirmed the attack and that it had exposed personal data of 14.7 million customers. This has been the backdrop of the current cyber-attack on 6th January 2024 on loanDepot, that forced the company to take IT systems offline. Consequently, online payment of loans was stalled. The company employs approximately 6000 people and its loan servicing is to the tune of $140 billion. The attack came to light when customers started facing difficulty in logging in to company’s payment portal.
When the issue was brought to the public domain through social media platform X, the company confirmed of the disruption of services and the reason being a cyber-attack. They stated that they were trying their level best to restore the services at the earliest and that they are working with law enforcement and forensic experts to investigate the incident. The company was trying its level best to understand the extent of the incident, while taking steps to minimize its impact. That makes it a tall order. Nonetheless, they did retain leading forensic experts to aid their own investigation.
Even a day after the incident a similar message has appeared in the media based on attempting to log on into the company’s servicing portal. Recurring automatic payments was happening with some truncated services. Till the last information available in the public domain, the kind of attack remained to be unknown. It is generally feared to be a ransomware attack. If it were to be a ransomware attack, the problems would grow manifold. For sure, the bad actors would have stolen corporate and customer data. This would be used to blackmail the company into paying ransom. As loadDepot holds sensitive data; financial / bank account information, the customers were advised to be on lookout for potential phishing attacks and identity thefts.
A NEW TECH-LAW REGIME CAN ONLY TACKLE THIS MENACE.