A ransomware attack at a technology firm compromised information of Carrington Mortgage Services customers including partial Social Security numbers, the servicer said last week.
Neither Carrington nor its vendor Alvaria, the workforce management company which suffered the breach in March, disclosed the total number of clients impacted in letters to state attorneys general, although at least 50,690 residents across three states were affected. It's the most recently disclosed
A sophisticated ransomware attack hit Alvaria on March 9, according to a letter by an attorney for Carrington to the Office of the Attorney General of Iowa dated April 26. Alvaria, which handles customers' personal information for Carrington, responded at an undisclosed date by securing its networks and restoring its operations via backups, the disclosure said.
"The unauthorized actor obtained some data associated with the company maintained in technical system log and temp files," the Iowa letter said. "While Alvaria performed its forensic investigation, the company completed its analysis of the affected data on April 4, 2023."
Compromised data includes clients' names, mailing addresses, telephone numbers, loan number and balances and last four digits of Social Security numbers, Carrington said. In Texas, 41,491 Carrington customers were impacted; another 5,032 were affected in Washington and an additional 4,167 in Massachusetts, according to disclosures.
Carrington had no comment on Alvaria's reported data breach, an attorney for the servicer said in a statement. General counsel for the Westford, Massachusetts-based Alvaria deferred comment to a company spokesperson.
Alvaria notified the FBI and implemented additional security measures following the breach, although it didn't describe the steps in detail. Carrington is also offering customers 24 months of free credit monitoring and fraud consultation from Experian.
The servicer, in its letter to the Iowa AG, defended its information security diligence prior to engaging vendors as rigorous, and said it has received favorable reviews by state and federal regulators, ratings agencies and banking counterparties.
"Nevertheless, in light of this event, the company has begun an additional assessment of Alvaria's technical security measures to ensure that Alvaria has been providing and will continue to provide the security measures promised to the company and to help ensure this type of incident does not happen again," the letter, signed by the attorney for Carrington, said.
The servicer has been an
The incident is the second at Alvaria in a four-month span, after it disclosed in February a hack last November by the Hive Ransomware group impacting 4,695 customers, according to a Maine disclosure. The hackers last December released corporate records on the dark web, although the information didn't include customer data, Alvaria said.
It's unclear whether the November breach affected mortgage customer data. The Department of Justice in January said it
Since the beginning of the year, mortgage lenders from depositories to independent mortgage banks have disclosed cybersecurity incidents impacting a combined 191,000 customers, according to data breach disclosures in the Office of the Maine Attorney General. The hacks have ranged from one incident affecting as few as 600 customers to a third party breach in January impacting 139,493 customers of California-based Hatch Bank.
Class action complaints from consumers against companies impacted by massive breaches meanwhile remain pending in federal courts, including cases against a
