LoanCare, a major mortgage servicing company, has issued a warning to 1,316,938 borrowers across the United States, revealing that their sensitive personal information may have been exposed in a recent data breach at its parent company, Fidelity National Financial.
The company, which handles approximately $390 billion in balances from 1.2 million loans, is a significant player in the mortgage servicing sector, offering sub-servicing and interim sub-servicing solutions to its clients.
The data breach was initially disclosed by Fidelity National Financial, LoanCare’s parent company, in a recent SEC filing. After the disclosure, LoanCare promptly posted a notice about the incident on its website and informed the authorities while also sharing a sample of the notice sent to impacted individuals.
According to the notice issued by LoanCare, the unauthorized access to certain systems within Fidelity National Financial’s information technology network was discovered on or about November 19, 2023. Upon further investigation, it was determined that the attackers were able to steal data, including sensitive customer details, from Fidelity National Financial’s systems.
The compromised information includes individuals’ full names, physical addresses, Social Security Numbers (SSNs), and loan numbers. This type of data can be exploited for various nefarious purposes, such as targeted phishing, social engineering, and scamming attacks. As a result, recipients of the data breach notification are being urged to remain vigilant against unsolicited communications.
To mitigate the risk for the individuals affected by the breach, LoanCare has provided instructions on enrolling in a two-year identity monitoring service through Kroll. This service is aimed at helping exposed individuals monitor and safeguard their personal information.
This recent data breach incident is one of several troubling cyberattacks targeting companies in the mortgage and title insurance sectors. Just last week, another prominent title insurance provider, First American Financial Corporation, also disclosed that it had suffered a cyberattack that impacted its systems. As of now, it is unclear when the company will be able to fully restore its systems and return to normal operations.
Furthermore, there are currently no updates from First American Financial Corporation on whether customer data has been exposed as a result of the cyberattack. This serves as a stark reminder of the widespread threat posed by cybercriminals and the importance of robust cybersecurity measures to safeguard sensitive personal information.