The verdict is in — the old way of doing business is over. Join us at Inman Connect New York Jan. 23-25, when together we’ll conquer today’s market challenges and prepare for tomorrow’s opportunities. Defy the market and bet big on your future.
Major mortgage lender Mr. Cooper fell victim to a significant cyberattack last week, leaving over 4 million mortgage customers unable to make their payments.
The company informed its customers of the breach on Oct. 31. Since Nov. 3, Mr. Cooper’s website has had the following banner above its homepage:
System Lockdown: On October 31, Mr. Cooper became the target of a cyber security incident and took immediate steps to lock down our systems in order to keep your data safe. As of Nov. 3 at 5pm CT, our systems remain locked down, and we are working on a resolution as quickly as possible. For the latest information, please visit https://incident.mrcooperinfo.com.
The company has not yet explicitly confirmed that it was the victim of a ransomware attack but its decision to lock its customers out of their accounts has led many to speculate that it was.
A spokesperson for the company told Inman that the company believes the breach was limited to Mr. Cooper’s internal systems, that customer data was not accessed, and that customers would not incur late fees on missed payments while the system was shut down.
“At this time, we believe this cybersecurity incident was isolated to Mr. Cooper systems and technology and did not affect any of the company’s clients’ or partners’ systems or technology,” spokesperson Sarah Rutledge said. “Mr. Cooper customers and customers whose loans we service on behalf of our clients who have tried or need to make payments will not incur fees, penalties or negative credit reporting as we work to resolve this issue.”
“We value our customers and take their data privacy very seriously, and we have launched an investigation with assistance from leading cybersecurity experts and notified law enforcement,” Rutledge said.
With services still offline, the company has warned customers to be wary of any communications claiming to come from Mr. Cooper employees. It also assured them that their rate locks will be honored and that automated mortgage payments will be processed as soon as the system comes back online.
With a loan portfolio of $937 billion, Dallas-based Mr. Cooper is the largest non-bank servicer of non-residential mortgages. Earlier in 2023, the company purchased Home Point Capital for $324 million, assuming $500 million of the company’s outstanding debt. That deal followed Mr. Cooper’s purchase of Rushmore Loan Management Services’ residential mortgage servicing platform in April.