A series of data breaches hit the financial services sector at the end of 2023 and into the new year, highlighting how vulnerable the mortgage industry can be to attacks from bad actors.
Millions of borrowers have had their
Companies recently impacted include: Loandepot, Mr. Cooper, Academy Mortgage,
Attacks have been carried out using third-party vendor vulnerabilities and other means, such as directly attacking companies through phishing, with spoofing emails. Bad actors have become more sophisticated, using
These incidents not only hurt mortgage companies reputationally, but also financially. Loandepot and Mr. Cooper, both public companies, revealed the aftermath of being
According to Ike Suri, CEO of FundingShield, there truly is a rise in cyber crime that has impacted the mortgage industry – it's not just conjecture. Some of it stems from lenders beefing up vendor reliance during the recent mortgage boom, in a push to speed up originations.
"Lenders and large institutions have always counted [attacks] as the cost of doing business and have wiped it under the rug," Suri said. "There was a spike [during the pandemic] and there continues to be a spike."
It is inevitable these attacks will continue, and as nefarious players get better at finding weak points in technology, there are steps mortgage companies should consider taking to protect their data and infrastructure going forward.
