Data breaches

The title insurance giant was one of several major mortgage players to suffer a hack late last year.

A Connecticut judge gave preliminary approval of a $2.42 million settlement between the plaintiffs and Planet Home Lending. Plaintiffs could receive up to $2,000 from the settlement fund.

All lenders experiencing system breaches must report the incidents within 12 hours of detection, the administration announced.

The hack that occurred in December affected 27,746 mortgage customers, the South Carolina-based lender said.

After gaining access to On Q systems via vendor software, unknown parties were able to obtain and remove client personal information, including Social Security numbers.

Keeping vendor arrangements under wraps, "pen-tests" and a few simple email setting changes can make a world of difference in avoiding future attacks, experts say.

Malicious actors could be utilizing the same software that cybersecurity experts use to test a company's systems for vulnerabilities.

An unnamed hacker in December "potentially removed" sensitive consumer data including Social Security numbers from the wholesale lender.

The attack is one of three major incidents the lender has suffered in the past three years.

The root cause of the hack affecting over 5 million customers was an employee clicking on a link in a work-related search result, according to public case documents.