The way cyberattackers crashed Ellie Mae’s Encompass loan origination system earlier this week suggests they had knowledge of the mortgage industry, according to the company.
The distributed denial-of-service attack overwhelmed the company’s servers with data requests that looked legitimate, National Mortgage News reported.
“I find it very coincidental that this was using a valid request and a normal signature, which if you look at just a random attack, that’s not typically the case,” Ellie Mae President and Chief Operating Officer Jonathan Corr told the news outlet. “And it occurred on the last day of the month and the quarter, starting first thing in the morning” — delaying loan closings at a critical time.
Ellie Mae has hired cybersecurity firm Stroz Friedberg to investigate the attack and verify there was no security breach. The company said it has put protocols in place to defend against a similar attack in the future.
Source: National Mortgage News