An update on loanDepot’s January cyberattack shows that a higher number of individuals were affected than previously disclosed, while tens of millions of dollars in additional expenses will be added to the company’s first-quarter earnings results. 

On Tuesday morning, the top 15 U.S. mortgage lender announced that it will notify 16.9 million individuals whose sensitive personal information was impacted by the cyber incident. loanDepot will offer credit monitoring and identity protection services at no cost to them, per filings with the Securities and Exchange Commission (SEC).

The number of individuals affected exceeds the 16.6 million who were informed on Jan. 22. 

According to the company, the cyberattack will add approximately $12 million to $17 million in expenses to its first-quarter earnings, the net of expected insurance coverage. The company stated, however, that the incident will not have a material impact on its overall financial conditions for the entire year.

loanDepot has yet to announce a release date for its fourth-quarter 2023 earnings. 

California-based loanDepot informed the wider public of the cyberattack that brought its systems down on Jan. 8, adding that the date of the earliest event was Jan. 4. The company began restoring its systems on Jan. 18. On Tuesday, it reported that the cyberattack has been contained. 

The incident may have involved “name, address, email address, financial account numbers, social security number, phone number, and date of birth,” of customers, according to a notice of data breach sent to the Office of the Maine Attorney General. 

Ransomware gang AlphV/BlackCat later claimed it was behind the cyberattack.

Customers filed several class-action lawsuits following the cyberattack, claiming they were “placed in an imminent and continuing risk of harm from fraud, identity theft, and related harm caused by the data breach.” loanDepot is accused of negligence, breach of contract and unjust enrichment, among other allegations. 



The company, which does not comment on pending litigation, wrote to the SEC that it cannot “presently quantify” the expenses related to the lawsuits, but it “does not expect that the cybersecurity incident will have a material impact on its overall financial condition or on its ongoing results of operations.” 

Several mortgage companies have recently been the target of cyberattacks, including Mr. Cooper Group, First American and Fidelity National Financial Inc., the parent of servicer LoanCare. 

Mortgage executives told HousingWire that these attacks have put the industry in “alert mode.” They don’t have a clear answer for why the mortgage sector, mainly servicers, has sustained so many attacks of late. Still, they acknowledge that they keep a vast amount of customer data and some players may be vulnerable amid a shrinking market. 

Have A Question?

Use the form below and we will give your our expert answers!