UWM sued over vendor data breach

A United Wholesale Mortgage customer is implicating the top lender in a data breach.

Processing Content

Michigan resident Ricky LaFountain sued UWM in a Michigan federal court Wednesday for negligence, over the company's purported role in an incident last year. The lawsuit claims UWM customers' personal identifiable information, including Social Security numbers, were compromised in a hack at an accounting vendor. 

New Jersey-based Mercadien last November disclosed that it suffered a data breach between last September and October. The incident affected over 402,000 customers, according to the company's disclosure to the Indiana Attorney General's office. Pennsylvania-based Orrstown Bank has revealed it was affected by the breach, while another consumer has sued a separate Pennsylvania-based bank over its alleged involvement. 

LaFountain claims UWM retained Mercadien for advisory and tax services, and that the vendor processed the lender's customers' PII. While the lawsuit also mentions Mercadien as offering merger and acquisition advisory services, the cybersecurity incident occurred before UWM's announced transaction with Two Harbors.

The filing doesn't say how LaFountain or his attorneys determined UWM's relationship with Mercadien, and the lender has not disclosed doing business with Mercadien in any public filings.

Neither attorneys for LaFountain nor spokespersons for Mercadien and UWM responded to requests for comment Thursday morning. 

The lawsuit, like many other breach complaints, blames UWM for a lack of security safeguards, and for failing to notify customers affected by the Mercadien incident. 

More data breach lawsuits

The complaint is a rare, if not first data breach lawsuit against the wholesale leader, as many other top lenders have been hit with hacks and subsequent litigation from borrowers. In the past month alone, California-based Optimum First Mortgage and Plaza Home Mortgage were sued over hacks they recently disclosed. 

Some lenders are also wrapping up data breach cases well before they've reached class certification stages. SitusAMC quickly reached a $5.3 million settlement with a plaintiff for a breach affecting hundreds of thousands of consumers. Lenders AnnieMac and McLean Mortgage also told federal courts in recent months that they've reached agreements with consumers to settle lingering cybersecurity suits.  


For reprint and licensing requests for this article, click here.
Cyber Security Law and legal issues Fraud Data breaches UWM
MORE FROM NATIONAL MORTGAGE NEWS
Load More