Data and information management

The lender had taken certain systems offline and was working to restore business operations as of Monday morning.

The company's latest filing provided a brief timeline of the incident that was uncovered on Dec. 20.

The title insurer said its title data and property records research tools have been restored, as well as its warranty site.

In a filing, the company's subservicing subsidiary Loancare said 1.3 million customers had their data compromised, while in an ongoing situation, customers of fellow title insurer First American find themselves without email or online access after a separate incident last week.

The title company was also attacked in 2019 and joins Fidelity National and Mr. Cooper among recent victims.

Both past and present customers were impacted by the data breach.

Lawyers for the plaintiff maintain the companies should have been on notice of inadequate security measures after a reported data breach in 2022.

To make amends to former and current borrowers, Mr. Cooper is footing the bill for two years of complimentary identity protection services.

An increase in paper mail theft corresponds with a rise in physically altered checks that redirect funds to fraudsters.

While ransomware group Alphv/Blackcat claims to have orchestrated the incident, title insurance company Fidelity National Financial has not yet stated whether confidential data was compromised.

To date, all of the lawsuits accuse the servicer of failing to secure and safeguard customers personal identifiable information.

Also, Wells Fargo, Finance of America entered into partnerships affecting real estate tax and cybersecurity solutions.

At least two legal actions have been filed in a Texas federal court.

Some of the lender's servicing systems continue to be shutdown as of Wednesday.

In light of the shift over the past few years, most companies in the space have refocused on their long-term strategy, which includes optimizing technology infrastructure and providing a superior customer experience, write leaders from SimpleNexus and nCino.

Some of the lender and servicer's systems are offline following the attack on Oct. 31.

The order follows a similar decree by the Securities and Exchange Commission for publicly traded firms to disclose incidents they deem "material."

Banks already share consumers' transaction data with fintechs, mostly through data aggregators, and often grudgingly through screen scraping. The proposed 1033 regulation could give more control to consumers, better data access to fintechs and a competitive edge to big banks over smaller ones, some observers say.

The types of attacks ranged from malware, phishing and a zero-day hack of a vendor software which has rattled numerous bank and non-bank lenders.