I have a story to share with you. It’s about a company called Mr. Cooper, one of the largest mortgage lending firms in the United States, with millions of customers and a whopping $937 billion in serviced loans. Recently, they had a cybersecurity incident that exposed the personal data of 14.7 million customers. Imagine that for a moment: 14.7 million people, just like you and me, whose sensitive information is now at risk.
How did this happen?
In late October 2023, Mr. Cooper experienced a cyberattack that breached their systems. They discovered the intrusion the next day, and as a result, they had to shut down all their IT systems, including the online payment portal customers use to pay their loans and mortgages. They took action, but the damage was already done.
The aftermath
A week after the incident, Mr. Cooper announced that the attackers accessed customer data during the breach. Thankfully, no financial information was exposed. However, the exact data compromised was still under investigation. And now, they have submitted a report to the Office of the Maine Attorney General, which states that 14,690,284 people were impacted.
What information was exposed?
The exposed data includes:
- Full name
- Home address
- Phone number
- Social Security Number (SSN)
- Date of Birth
- Bank account number
This puts the affected individuals at risk of phishing, scams, and social engineering attacks. Worse, bank fraud and identity theft are also possible due to the leak of bank account numbers.
What is Mr. Cooper doing about it?
Mr. Cooper has taken steps to identify and remediate the issue, including locking down their systems, changing account passwords, and restoring their systems. They have also initiated a detailed review to identify personal information contained in the impacted files. The company claims to be monitoring the dark web and has not seen any evidence that the data related to this incident has been further shared, published, or otherwise misused.
What can you do?
If you are a Mr. Cooper customer affected by this breach, stay vigilant against unsolicited communications and enroll in the offered 24-month identity protection service. Keep an eye out for any signs of fraud or identity theft and act promptly if you notice anything suspicious.
What now?
As a business owner, this story should serve as a stark reminder of the importance of cybersecurity. No company, regardless of its size, is immune to cyberattacks. And the consequences can be devastating, not just for the business, but also for its customers.
That’s where we come in. At ZZ Servers, we specialize in helping businesses like yours strengthen their cybersecurity posture. We understand the risks, and we have the expertise to help you protect your business and your customers from cyber threats. Don’t wait until it’s too late. Contact us today and learn how ZZ Servers can assist you.
