Nations Direct Mortgage alerts 83,000 to personal data leaks from December cyberattack


Nevada-based Nations Direct Mortgage said more than 83,000 customers were affected by a late 2023  data breach that leaked Social Security numbers and other sensitive information. 

In filings with regulators in Maine and California, the company said it discovered a cybersecurity incident on December 30 that prompted an investigation. Law enforcement and other governmental agencies were notified of the cyberattack. 

The lender operates in 35 states and has originated hundreds of millions of dollars’ worth of mortgages since its founding in 2007. 

“The investigation has determined that an unauthorized third party obtained access to and potentially removed data of certain individuals from across the country,” the company said in letters to victims. 

“Based on our investigation, we understand that your name, address, social security number, and unique Nations Direct loan number may have been obtained by the unauthorized third party bad actor.” 

Victims will be given two years of identity protection services from Kroll. The company posted a copy of the letter on its website as well. 

Multiple law firms are seeking victims for a potential class-action lawsuit against Nations Direct Mortgage for the breach. 

The incident took place as several mortgage lenders and housing industry financial giants faced ransomware attacks and other cybersecurity problems. 

One of the largest mortgage loan servicers, Mr. Cooper, spent months in late 2023 dealing with issues before announcing that the information of nearly 14.7 million people was leaked during a ransomware attack

Fidelity National Financial — a Fortune 500 provider of title insurance for property sales — was hit with ransomware in November, snarling home purchases across the U.S. for days. 

Title insurance company First American and another large retail mortgage lender LoanDepot announced attacks in December and January that caused widespread problems for home buyers. 

Several other critical financial services institutions like MeridianLink, Tipalti and Moneris reported incidents throughout the fall. One of the world’s largest banks, Industrial and Commercial Bank of China (ICBC), also announced a ransomware attack in November.

IndustryCybercrimeNewsNews Briefs
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Cyberattack knocks out Pensacola city government phone lines

Next Post

A leading spyware combatant on what’s next as governments continue to crack down

Related Posts

Moroccan Cybercrime Group Steals Up to $100K Daily Through Gift Card Fraud

Microsoft is calling attention to a Morocco-based cybercrime group dubbed Storm-0539 that's behind gift card fraud and theft through highly sophisticated email and SMS phishing attacks. "Their primary motivation is to steal gift cards and profit by selling them online at a discounted rate," the company said in its latest Cyber Signals report. "We've seen some examples where
Read More

Warning: New Adware Campaign Targets Meta Quest App Seekers

A new campaign is tricking users searching for the Meta Quest (formerly Oculus) application for Windows into downloading a new adware family called AdsExhaust. "The adware is capable of exfiltrating screenshots from infected devices and interacting with browsers using simulated keystrokes," cybersecurity firm eSentire said in an analysis, adding it identified the activity earlier this month. "
Read More

Chinese Nationals Arrested for Laundering $73 Million in Pig Butchering Crypto Scam

The U.S. Department of Justice (DoJ) has charged two arrested Chinese nationals for allegedly orchestrating a pig butchering scam that laundered at least $73 million from victims through shell companies. The individuals, Daren Li, 41, and Yicheng Zhang, 38, were arrested in Atlanta and Los Angeles on April 12 and May 16, respectively. The foreign nationals have been "charged for leading a scheme
Read More