Select Page
Data Breaches

LoanDepot Data Breach

U.S. mortgage lender loanDepot revealed in early January 2024 that it was the target of a ransomware attack that exposed the personal identifiable information of over 16.6 million customers. Some of the company’s systems were taken offline, leaving customers struggling to get into their accounts or close deals on mortgages. Given this is the second cyberatack the loan giant has experienced in as many years, it leaves customers wondering about the importance loanDepot places on their personal and financial well-being as they grapple with the potential fallout.
•   Open - Accepting New Clients

On January 25 2024, a class action complaint was filed against loanDepot, a major player in the U.S. mortgage lending industry, after it shocked its customer base by disclosing a significant cyberattack that affect almost 16.6 million individuals and has sent ripples through the financial sector. The implications of this breach are far-reaching, leaving customers in a state of uncertainty as they grapple with the potential fallout.

LoanDepot’s Second Cyberattack In Less Than Two Years

This latest cyberattack comes in the wake of another attack that took place at the mortgage lending giant in August 2022. This latest attack compromises the personal information of 16.6 million loanDepot customers and casts a shadow over the security measures employed by financial institutions at large.

In an era where data breaches have become increasingly prevalent, this recent incident serves as a stark reminder of the vulnerability of personal information in the digital age and the level of effort loanDepot has expended to secure its customer data given this is the second such incident to occur at the loan giant in as many years.

Customers Left Scrambling To Stem Fallout From the Attack

For affected customers, the foremost implication lies in the jeopardy of their financial well-being. The compromise of sensitive data, such as social security numbers, financial records, and personal details, poses a substantial risk of identity theft and fraud. As customers anxiously monitor their accounts for any signs of unauthorized activity, the potential for financial loss and damage to creditworthiness looms large.

The fallout from the cyberattack extends beyond immediate financial concerns, with some customers now facing disruptions in their ability to access loanDepot accounts and make timely payments. The ensuing chaos could result in late fees, penalties, and potential harm to credit scores, further exacerbating the impact on individuals and families already navigating the challenges of the economic landscape.

Two days before loanDepot published its online notice of the breach, customers reported having trouble logging into the company’s payment portal. Several other online portals, including HELOC and the mellohome site, were also reportedly unavailable during the attack.

loanDepot’s Reassurances Provide Little Comfort

In response to the breach, loanDepot has said very little other that to reassure customers that it is actively working to mitigate the damage and enhance cybersecurity measures. However, given this second incident in almost as many years, these assurances provide little comfort to those affected.

Although loanDepot has not said exactly what type of customer information was compromised and stolen from its systems, the company possesses confidential customer data, including financial and bank account details.

On January 22, 2024, loadDepot said it will begin mailing out notification letters to those customers affected by the breach. According to this notification letter the following information was compromised in the breach –

  • name
  • address
  • email address
  • financial account numbers
  • Social Security number
  • phone number
  • date of birth.

As customers come to terms with the potential consequences of the cyberattack, the incident underscores the critical need for heightened vigilance and proactive measures to safeguard personal and financial information. It also serves as a collective call to action for industry stakeholders to prioritize cybersecurity, recognizing that the trust of customers is paramount in an era where digital transactions dominate the financial landscape.

Join the loanDepot Class Action

The magnitude of the breach, coupled with potential financial losses and the inconvenience caused by restricted account access, underscores the urgency for collective action. Joining a class action not only empowers individuals to seek compensation for the damages incurred but also sends a resounding message to loanDepot and other financial institutions that lax cybersecurity practices will not be tolerated.

Through a united front, affected customers have a voice. By participating in a class action, individuals contribute to a larger effort aimed at safeguarding not only their own interests but also the integrity of financial systems at large, fostering a culture of accountability that benefits consumers across the board.

If you have been adversely affected by the loanDepot cyberattack announced January 8th 2024, and would like to participate in the class action, please complete the form shown on this page and a data breach attorney will contact you to discuss your claim. There is no cost to you.