MIAC Analytics, Cornerstone disclose data breaches

MIAC Analytics revealed it was the victim of a data breach in April, one of several mortgage players to report hacks in the past several months. 

It's unclear how many clients were impacted by the incident at MIAC, which occurred between April 5 and April 6. The analytics firm said it immediately secured its systems once the threat was discovered. 

"MIAC determined that in connection with this incident there was unauthorized access to certain systems in its environment, and as a result, certain data stored on MIAC's systems was subject to unauthorized acquisition," the company said in a consumer notice filed with cybersecurity firm IDX.

But Freedom Mortgage was affected as it revealed in a disclosure to the Indiana state attorney general that 592 of its customers had undisclosed information compromised. A limited amount of the lender's past data was in MIAC's database and may have been compromised, a company spokesperson said on Friday, who emphasized Freedom's systems hadn't been breached, and that the company had used MIAC several years ago. 

A representative for MIAC declined to comment Friday. The cyberattack was described in a letter to consumers shared with the Massachusetts Office of Consumer Affairs and Business Regulation, and in the IDX announcement.

There was no evidence of identity theft or fraud, MIAC said. The firms offered affected consumers 12 to 24 months of complimentary credit monitoring from IDX. 

MIAC doesn't appear to have been disrupted further, and has since regularly announced loan sales on behalf of its mortgage clients.

That revelation comes after another lender, the mortgage arm of Cornerstone Capital Bank, said its customers were affected by an attack in February at one of its service providers. Houston-based Cornerstone Home Lending said 15,042 of its clients had information compromised, according to a notice to the Indiana state attorney general in March.

"Our investigation determined that the service provider stored Cornerstone data that includes your name, address, loan number and bank account number," wrote Toby Wells, president of the Loan Servicing Division, in a letter shared with the same Massachusetts office.

Representatives for Cornerstone didn't return requests for comment this week. 

The attack was perpetrated by Russian-linked ransomware gang Clop, according to reports by TechCrunch and other cybersecurity blogs. The hackers allegedly breached a file transfer service with a "zero-day" attack that hadn't been seen before, and published a list on the dark web of 130 companies they allegedly breached. The wide range of alleged victims includes banking-as-a-service provider Hatch Bank, which said in a Maine notice 139,493 of its customers were affected.

Carrington Mortgage Services meanwhile faces accusations of negligence from consumer plaintiffs in three federal lawsuits over two data breaches at its workforce management vendor, Alvaria. 

The hacks at Alvaria in November and March impacted at least 50,690 clients, the companies said in disclosures to state attorneys general. It's unclear which customers were affected in each incident, but Social Security numbers were among compromised data.

The lawsuits include estimates of the number of customers impacted, ranging from over 685,000 to more than 3 million clients. Neither attorneys nor the companies in the cases didn't respond to requests for comment Friday. 

The complaints resemble class action cases against other large lenders and servicers who suffered significant hacks last year, which all remain pending.