A class action suit filed in California accuses Loandepot of failing to implement adequate measures to protect its customer data.
In early January, the lender and servicer reported some of its
On Monday, Loandepot announced it would be notifying individuals impacted by the data leak and will foot the bill for credit monitoring and identity protection services for them.
The suit, filed by Daroya Isaiah in mid-January, argues Loandepot "should have known of the serious risk and harm caused by a data breach" and was "obligated to implement reasonable measures to prevent and detect cyberattacks."
Isaiah claims since the cyber breach, she has seen an uptick in "spam phone calls or text messages; and noticed strange information or accounts on her credit report, which plaintiff believes could be attributed to the data breach."
Loandepot declined to comment.
According to the complaint, this is at least the second cyber incident reported by the lender since 2022. Isaiah received a prior notice of a data breach in May 2023 regarding a cyber attack in October 2022, which also exposed customer data, the suit noted.
Loandepot's "inadequate data security procedures and practices" has created a serious risk to the plaintiff and the class, including both a short-term and long-term risk of identity theft and other fraud, the legal filing said.
The class action also alleges the California-based lender's practices violated Section 5 of the Federal Trade Commission, which prohibits "unfair ... practices in or affecting commerce" like failing to use reasonable measures to protect users' sensitive data.
Following the attack,
Whether this incident will impact Loandepot's bottom line remains uncertain. The mortgage company has "not yet determined whether the cybersecurity incident is reasonably likely to materially impact the
Apart from Isaiah's suit, Loandepot customers have complained across different social media channels that they cannot make payments on their mortgage.
Loandepot's breach is the latest in a string of attacks on companies in the financial services space, including
Breaches that hit Mr. Cooper and Fidelity National Financial also resulted in customer data being exposed. Both companies are also facing class action suits from former and current customers.