ICE's Encompass down following CrowdStrike incident

Img

ICE Mortgage Technology says its Encompass loan origination system is down following a global technology outage.

The industry tech provider did not confirm whether the issue was related to the major CrowdStrike incident, only stating to customers it was a "global third-party IT outage." The company's Data and Document Automation software was also affected, according to an update posted at 9:44 am Pacific Time, and from a message on its customer support line. The earliest visible update for a technical issue with Encompass, DDA and ICE's Velocify software was posted at 1:45am PDT Friday.

A spokesperson for ICE shared with National Mortgage News a message the company sent to customers, stating it was working to restore normal service to Encompass, and that the company's markets, exchanges, fixed income and data services remain fully operational. 

Mortgage lenders contacted by National Mortgage News have not said whether they've been impacted by the incident, or confirmed whether they are customers of the widely used cybersecurity service. A buggy update by the Microsoft-owned CrowdStrike led to global disruption, including at hospitals, airlines and financial services. 

The Department of Housing and Urban Development said this morning it experienced issues with user log-ins and applications, and the Federal Housing Administration was working on a resolution. It did not say whether the issue was related to CrowdStrike, and did not return a request for comment. 

The Nationwide Multistate Licensing System was impacted briefly from the Crowdstrike incident but is up and running, a spokesperson for the Conference of State Bank Supervisors said in a statement Friday.

Michael Nouguier, director of cybersecurity services at Richey May, said the company began receiving calls from independent mortgage banks this morning about disruptions. 

"Their security teams, when something's not working, they come to us to make sure that they're not experiencing a security incident," he said. "And what we're able to do is identify this is a CrowdStrike issue at a third party in these cases."

Crowdstrike said the single content update, for which it has deployed a fix, impacted Windows hosts and did not affect Mac and Linux systems. It said the incident was not a cyberattack. 

"We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption," the company said in a statement with technical details on its website.

Mortgage companies haven't publicly reported effects from the outage. Banks have experienced some outages according to updates on Down Detector, a tech company-owned, crowd-sourced reporting site. Some banks have released statements acknowledging no significant impacts, while Visa and Mastercard told American Banker they were unaffected.

Cybersecurity experts commented on the practice of automatic updating, where many companies have appeared to have been hurt by CrowdStrike. Carlos Aguilar Melchor, chief scientist of cybersecurity at tech firm SandboxAQ said companies "cannot accept with blind trust" software updates or cybersecurity practices. 

Every company should implement observability in their software systems right away to monitor these high-impact platforms and prevent these catastrophes," he said in an emailed comment. 

The federal Cybersecurity and Infrastructure Agency posted a notice about the incident Friday, stating it has observed threat actors "taking advantage of this incident for phishing and other malicious activity."

That warning comes amid heightened dangers for mortgage companies, which are already reeling from major attacks in the past year. Nouguier said organizations shouldn't shoulder blame for doing anything wrong. 

"Half the world is down today," he said. "This may not have been an issue of an automatic update, as much as it is an issue of just implicit trust in our vendors to do things right."


More From Life Style