Nations Direct Mortgage alerts 83,000 to personal data leaks from December cyberattack


Nevada-based Nations Direct Mortgage said more than 83,000 customers were affected by a late 2023  data breach that leaked Social Security numbers and other sensitive information. 

In filings with regulators in Maine and California, the company said it discovered a cybersecurity incident on December 30 that prompted an investigation. Law enforcement and other governmental agencies were notified of the cyberattack. 

The lender operates in 35 states and has originated hundreds of millions of dollars’ worth of mortgages since its founding in 2007. 

“The investigation has determined that an unauthorized third party obtained access to and potentially removed data of certain individuals from across the country,” the company said in letters to victims. 

“Based on our investigation, we understand that your name, address, social security number, and unique Nations Direct loan number may have been obtained by the unauthorized third party bad actor.” 

Victims will be given two years of identity protection services from Kroll. The company posted a copy of the letter on its website as well. 

Multiple law firms are seeking victims for a potential class-action lawsuit against Nations Direct Mortgage for the breach. 

The incident took place as several mortgage lenders and housing industry financial giants faced ransomware attacks and other cybersecurity problems. 

One of the largest mortgage loan servicers, Mr. Cooper, spent months in late 2023 dealing with issues before announcing that the information of nearly 14.7 million people was leaked during a ransomware attack

Fidelity National Financial — a Fortune 500 provider of title insurance for property sales — was hit with ransomware in November, snarling home purchases across the U.S. for days. 

Title insurance company First American and another large retail mortgage lender LoanDepot announced attacks in December and January that caused widespread problems for home buyers. 

Several other critical financial services institutions like MeridianLink, Tipalti and Moneris reported incidents throughout the fall. One of the world’s largest banks, Industrial and Commercial Bank of China (ICBC), also announced a ransomware attack in November.

IndustryCybercrimeNewsNews Briefs
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Cyberattack knocks out Pensacola city government phone lines

Next Post

A leading spyware combatant on what’s next as governments continue to crack down

Related Posts

When a customer gets defrauded, should the enterprise reimburse?

The New York Attorney General’s decision to sue Citibank last week for failing to reimburse customers who'd been victimized by fraud raised some interesting issues for business that go beyond just Citibank. Specificially, when should a customer be reimbursed for fraud and at what point do the customer’s own actions come into play?To be clear, financial institutions have been routinely refusing to reimburse customers who have done nothing wrong. The far trickier issue is when the customer does indeed do something wrong.To read this article in full, please click here
Read More

Russia hacks Microsoft: It’s worse than you think

Another day, another hack of Microsoft technology. Ho-hum, you might think, this has happened before and will happen again — as surely as the sun rises in the morning and sets at night.This time is different. Because this time the targets weren’t Microsoft customers, but rather the top echelons of Microsoft itself. And the hacker group, called Midnight Blizzard, or sometimes Cozy Bear, the Dukes, or A.P.T. 29, is sponsored by Russia’s Foreign Intelligence Service (and has been since at least 2008).To read this article in full, please click here
Jason Macuray
Read More