Cyber attacks

At least six legal actions are currently pending against Planet Home Lending for failing to protect customer data in November 2023.

The notorious group also allegedly targeted Academy Mortgage and Fidelity National.

Both lenders disclosed their systems were accessed and customer data was leaked.

A little over 280,000 customers had their birth dates and Social Security numbers compromised during the cyber attack.

A second class action has been filed in the state of California and more cases are brewing.

The rate of errors per loan jumped by 30% compared to the third quarter, a FundingShield report said.

Mellohome's website, the MyLoandepot customer portal and the HELOC portal have been rebooted following the cyber attack, the lender and servicer said.

All of the class actions will be consolidated into a single case under plaintiff Jennifer Cabezas, who was the first of the 20 to bring a motion against the company.

In a new filing with the Securities and Exchange Commission, the company attributed delayed transactions, loss of business to other providers and one-time expenses to reduced revenue but expected a limited effect on financial health.

Most of the legal filings accuse the title insurer and its subsidiary, LoanCare, of failing to protect the personal identifiable information of customers.

The lender had taken certain systems offline and was working to restore business operations as of Monday morning.

The title insurer said its title data and property records research tools have been restored, as well as its warranty site.

In a filing, the company's subservicing subsidiary Loancare said 1.3 million customers had their data compromised, while in an ongoing situation, customers of fellow title insurer First American find themselves without email or online access after a separate incident last week.

The title company was also attacked in 2019 and joins Fidelity National and Mr. Cooper among recent victims.

Lawyers for the plaintiff maintain the companies should have been on notice of inadequate security measures after a reported data breach in 2022.

To make amends to former and current borrowers, Mr. Cooper is footing the bill for two years of complimentary identity protection services.

While ransomware group Alphv/Blackcat claims to have orchestrated the incident, title insurance company Fidelity National Financial has not yet stated whether confidential data was compromised.

Some of the lender and servicer's systems are offline following the attack on Oct. 31.

The incident occurred in November 2020 when an unauthorized party gained access to company systems and deployed ransomware, resulting in compromise of employees' personal information.

Ransomware gang Cl0p is currently threatening 50 companies with releasing data it stole from them late last month.