Data security

The data aggregator announced a product this week that allows banks to build data privacy portals, where consumers can see who has access to their account data.

Some of the hacks in question are confirmed to have impacted millions of customers, while the full scope of other incidents have yet to be disclosed.

Plaintiffs in two similar class action complaints accuse the companies of failing to protect their Social Security numbers and loan information.

In an exclusive interview, the moderate Virginia Democrat and co-chair of the Community Development Financial Institution Caucus touched on the future of community development, cybersecurity and nonbank regulation. 

The businesses, like other victims of such incidents, have not identified the culprit nor type of attack.

The companies are the latest mortgage businesses to face class action complaints from consumers impacted by the cyberattacks.

Cybersecurity expenses and threats

A data breach in 2022 costs companies $4.35 million on average, an all-time high according to IBM research.

To meet the growing demand, banks are faced with a choice of hiring, reskilling or outsourcing.

A class action said the company, which has suffered two breaches in the past year, also was responsible for a larger breach and “downplayed” the situation when it notified consumers.

Borrowers condemned the company's disclosures, which came six months after the incident and omitted details about the hack and subsequent investigation.

The federal class action lawsuit is at least the third similar action within the industry over a cyberattack revelation.

The newly revealed victims were affected by the previously disclosed cyberattack, which went undetected for 41 days between September and December.

The data breach, which occurred over a two-day period last December, is the largest disclosure by a mortgage lender this year.

In response to a raft of recent data breaches, mortgage lenders are implementing a number of measures to protect their clients and themselves.

The incident at the mortgage fintech occurred late last year as a spate of attacks rocked other housing lenders.

Pingora Loan Servicing still hasn’t disclosed the full scope of last fall’s hack impacting at least 169,000 customers across four states.

Several federal agencies have recently stepped up requirements on banks to notify regulators and the public when they fall victim to cybersecurity incidents.

Increased cybersecurity spending puts an extraordinary squeeze on smaller firms that struggle to maintain revenues amid the origination slowdown.

Cybercriminals can leverage the workflow of the digital firms against them by tossing a plethora of stolen credentials at an online loan application until they secure approvals, according to one expert.