Almost 17 million LoanDepot customers had their personal information exposed in a breach

The California-based loan and mortgage company announced in a data breach notice filed with Maine’s attorney general’s office that the data of 16,924,071 customers was stolen in a January cyberattack carried out by the ALPHV/BlackCat ransomware group.

Personally identifiable information (PII) compromised in the incident includes:

• Name, address, phone numbers,
• Dates of birth.
• Email addresses,
• Financial account numbers,
• Social security numbers.

LoanDepot said its investigation showed the attack occurred from January 3rd through January 5th, with the company first becoming aware of “the unauthorized third party gaining access to certain of our systems” on or about January 4th. The attack forced the company to take its systems offline, and many customers could not log in or pay their bills for about a week. LoanDepot’s portals and services were fully restored by January 19th, according to the company.

However, it was only on 23rd February that LoanDepot sent a breach notification letter to their customers telling them that an unauthorized third party may have accessed their sensitive personal information. When asked by reporters why it took six weeks to reveal what customer data was exposed, the company “declined to comment.”

On the other hand, the hackers wrote about the leak on their blog on 16 February, blaming LoanDepot for failing to pay the ransom they asked for and not disclosing the total amount of stolen data. They revealed that they downloaded multiple databases from credit bureaus that included personal information about American citizens, even those who had never applied for any of LoanDepot products.

First observed in 2021, ALPHV/BlackCat is known to operate as a ransomware-as-a-service (RaaS) model by selling malware subscriptions to criminals.

Known for its triple-extortion tactics, the gang was responsible for the 2023 September ransomware attacks on the Las Vegas casino giants MGM Resorts, as well as Caesars International, who is rumored to have paid a $15 million ransom to keep operations running.

Was your information exposed in this breach? Find out now!

If you live in the US, you can protect your digital identity with Bitdefender Identity Theft Protection. Bitdefender Identity Theft Protection continuously monitors SSNs and other personal information on the public and Dark Web and alerts you in real time about breaches. It also provides real-time alerts on credit report requests, address changes, court records, and payday loans in your name. If you fall victim to identity theft, you can benefit from insurance that guarantees you recover certain out-of-pocket expenses and lost wages if your identity is stolen.

For the rest of the world, Bitdefender Digital Identity Protection is the best tool for shielding you from the dangers of breaches. It monitors your personal data in real-time, alerts you in case of data leaks, and reports to you any incident that puts your identity at risk.