Lower reveals data breach impacting 86,000 customers

Two more lenders have disclosed data breaches that occurred in December, with one of the attacks impacting nearly 86,000 customers.

Mortgage fintech Lower, in notices to state attorneys general offices last month, said personally identifiable information including some Social Security numbers for 85,958 customers was compromised. The Maryland-based company’s update was a supplemental filing to an earlier February disclosure, in which the cyberattack was only revealed to have affected 1,647 users.

Lower in a statement Wednesday said it’s taken steps to enhance its security measures since the incident.

“Our commitment to cyber security is a top priority for Lower and we are continuously identifying opportunities to enhance our measures,” the statement said.

An unauthorized actor accessed Lower’s network and removed files between Dec. 10 and Dec. 14 last year according to Lower, which enlisted the aid of third-party forensic specialists that month. The investigation later found suspicious activity related to some employee email accounts between Sept. 2 and Dec. 16.

Lower didn’t disclose the type of cyberattack or the name of the culprit, only describing it in a notice in Maine as an “external system breach (hacking).” The company offered impacted customers 12 months of complimentary Experian fraud consultation and credit monitoring services.

Maine Capital Group last week also disclosed to state AG offices a data breach last December involving the Social Security and driver’s license numbers of 876 customers, 760 of them Maine residents. An unauthorized party obtained files stored on the company’s server, including documents related to Approved Home Mortgage, according to an investigation with a cybersecurity firm.

The company only described the incident as hacking and said it hadn’t experienced a cyberattack in the last 12 months. It also offered affected customers one year of complimentary Kroll credit monitoring and fraud consultation services.

The newly revealed breaches occurred at the same time as a spate of large attacks on mortgage companies over last fall and winter. In April, Chesterfield, Missouri-based Gershman Investment Corp. revealed a cyberattack last September affecting 52,737 customers. Lender American Financial Services that month also disclosed a data breach which impacted 216,645 customers in December.

Servicers Lakeview Loan Servicing and Pingora Loan Servicing, both subsidiaries of Florida-based Bayview Asset Management, suffered cyberattacks compromising the personally identifiable information of a combined millions of customers last fall. The servicers are facing a class action lawsuit in the Southern District of Florida U.S. District Court, an action consolidated from 17 different suits nationwide. 

Since the beginning of the year, at least six additional bank and non-bank mortgage lenders have acknowledged incidents impacting the PII of a combined tens of thousands of customers. Maryland-based Certified Title Corporation in March also revealed 10,624 of its customers were affected by last summer’s industry-rattling Cloudstar ransomware attack.

Comments are closed.