loanDepot begins bringing more systems back online after cyberattack
Nonbank mortgage lender and servicer loanDepot has started to restore functionality to some of its technology systems impacted by an early January cyberattack. However, its operations remain impacted as it continues to investigate the incident.
On Jan. 18, the company began to restore several impacted systems over the course of the day beginning with its servicing customer portal. While it maintained certain limits on its functionality, the company explained that it would continue updating customers as more of its features became available.
Two hours later, the company restored access to its portal for Home Equity Line of Credit (HELOC) customers, followed shortly after that by its “MyloanDepot customer portal” dedicated to online loan applications and status tracking.
By the end of the day, it had also restored the website for its “mellohome” real estate affiliate.
When reached, representatives of loanDepot referred HousingWire to the website it has created to offer updates to consumers about systems and processes impacted by the cyberattack. It remains unclear which other systems are impacted, and a representative advised that the website encompasses all public-facing statements on the matter at this time.
The company informed customers and the wider public of the cyberattack on Jan. 8, and a filing with the Securities and Exchange Commission (SEC) reviewed by HousingWire indicated the date of earliest event as Jan. 4.
The company mailed Internal Revenue Service (IRS) 1098 forms to servicing customers beginning on Jan. 16. Those forms were expected to be reflected on the servicing website as soon as it was brought back online, the company explained.
Technology news site TechCrunch reported that a loanDepot company representative “did not dispute that the incident was linked to ransomware,” in which a bad actor gains access to a target individual or organization’s digital systems, then encrypts them, and sells the decryption key back to the victim for a price.
“We are working quickly to understand the extent of the incident and taking steps to minimize its impact,” loanDepot said in its Jan. 8 statement on the attack. “The Company has retained leading forensics experts to aid in our investigation and is working with law enforcement. We sincerely apologize for any impacts to our customers and we are focused on resolving these matters as soon as possible.”
