The attack is one of three major incidents the lender has suffered in the past three years.

The government mortgage-backed securities guarantor needs data breaches reported within a certain period of time and has specific instructions for subservicers.

The root cause of the hack affecting over 5 million customers was an employee clicking on a link in a work-related search result, according to public case documents.

The mortgage lender said the hack was caused by a third-party's vulnerability.

The lender had previously revealed that personally identifying information from 16.6M customers had leaked, but hadn't offered these details.

The notorious group also allegedly targeted Academy Mortgage and Fidelity National.

Litigation in the mortgage industry sees lenders and servicers featuring as both plaintiffs and defendants.

The New York-based firm said a hack last August compromised the personal identifiable information of 10,835 customers.

Both lenders disclosed their systems were accessed and customer data was leaked.

The ransomware attack compromised the personally identifiable information of over 199,000 mortgage customers.

A little over 280,000 customers had their birth dates and Social Security numbers compromised during the cyber attack.

The rate of errors per loan jumped by 30% compared to the third quarter, a FundingShield report said.

16.6 million former and current Loandepot customers had their data leaked, the lender and servicer announced Monday.

Mellohome's website, the MyLoandepot customer portal and the HELOC portal have been rebooted following the cyber attack, the lender and servicer said.

The lender didn't reveal whether the incident was related to a purported ransomware gang attack last March.

In a new filing with the Securities and Exchange Commission, the company attributed delayed transactions, loss of business to other providers and one-time expenses to reduced revenue but expected a limited effect on financial health.

Most of the legal filings accuse the title insurer and its subsidiary, LoanCare, of failing to protect the personal identifiable information of customers.

The lender had taken certain systems offline and was working to restore business operations as of Monday morning.

The company's latest filing provided a brief timeline of the incident that was uncovered on Dec. 20.

The title insurer said its title data and property records research tools have been restored, as well as its warranty site.