Premium Mortgage latest lender to face data breach lawsuit

A consumer has filed yet another class action lawsuit against a lender over a recently disclosed data breach, suggesting she's already suffered from the hack.

Toni Hyde, who obtained a home loan from Premium Mortgage Corp. in 2021, is suing the company for at least $5 million in a complaint filed last week in a New York federal court. The Rochester-based Premium last month said a cyber attack this past summer compromised the names and Social Security numbers of 10,835 clients. 

The suit claims Premium wasn't specific enough in its disclosure to help affected consumers mitigate the harm caused by the incident. Hyde claims her Frontier Airlines credit card was accessed by an unknown party in December, between the time of the attack and Premium's notice.

An attorney for Hyde didn't respond to requests for comment Thursday. Premium didn't address the lawsuit but said in a press release the attack, which occurred for a week in late August, apparently stemmed from an attachment sent from a government email from another state.

"Immediately upon learning of the attempted breach Premium Mortgage enacted multiple levels of analysis to determine if any of its customers had been impacted," the company's statement read.

The lender claimed it didn't see any of its customers hurt by the hack, and offered 12 months of free credit monitoring and identity protection services through IDX, a subsidiary of cybersecurity firm ZeroFox.

Neither Premium's disclosure nor the lawsuit contained further details around the culprit or the form of cyber attack, details often omitted or unknown by parties in other data breach suits.  Hyde's lawsuit referenced Premium's privacy policy, which as of Thursday afternoon informed consumers of the firm's cyber security measures including regular malware scanning.

The lawsuit for four counts including negligence requests Premium adhere to increased cyber security requirements, including appointing a third-party assessor for 10 years to conduct technical testing. 

Randi Kassan, an attorney with Washington, D.C.-based Milberg Coleman Bryson Phillips Grossman, P.L.L.C., is representing Hyde. She also represents a plaintiff in a pending class action lawsuit against Carrington Mortgage Services and vendor Alvaria, which suffered a hack last March.

Premium lists 10 branches in New York and 2 in Florida, and 76 sponsored mortgage loan officers according to consumer Nationwide Multistate Licensing System records. The lender, according to data from S&P Global, originated $971 million in mortgage volume last year through November.

Numerous industry players such as Loandepot, Mr. Cooper and Planet Home Lending face class action complaints over major hacks they've disclosed in recent months. Most of those claims are far from potential jury trials, while a larger lawsuit against three servicers owned by Bayview Asset Management is further into its discovery phase.