Cyberattack at loanDepot affects 17M individuals, with up to $17M in expenses

Didier Malagies • February 28, 2024


An update on loanDepot’s January cyberattack shows that a higher number of individuals were affected than previously disclosed, while tens of millions of dollars in additional expenses will be added to the company’s first-quarter earnings results. 


On Tuesday morning, the top 15 U.S. mortgage lender announced that it will notify 16.9 million individuals whose sensitive personal information was impacted by the cyber incident. loanDepot will offer credit monitoring and identity protection services at no cost to them, per filings with the Securities and Exchange Commission (SEC).


The number of individuals affected exceeds the 16.6 million who were informed on Jan. 22. 

According to the company, the cyberattack will add approximately $12 million to $17 million in expenses to its first-quarter earnings, the net of expected insurance coverage. The company stated, however, that the incident will not have a material impact on its overall financial conditions for the entire year.


loanDepot has yet to announce a release date for its fourth-quarter 2023 earnings. 


California-based loanDepot informed the wider public of the cyberattack that brought its systems down on Jan. 8, adding that the date of the earliest event was Jan. 4. The company began restoring its systems on Jan. 18. On Tuesday, it reported that the cyberattack has been contained. 

The incident may have involved “name, address, email address, financial account numbers, social security number, phone number, and date of birth,” of customers, according to a notice of data breach sent to the Office of the Maine Attorney General. 


Ransomware gang AlphV/BlackCat later claimed it was behind the cyberattack.

Customers filed several class-action lawsuits following the cyberattack, claiming they were “placed in an imminent and continuing risk of harm from fraud, identity theft, and related harm caused by the data breach.” loanDepot is accused of negligence, breach of contract and unjust enrichment, among other allegations. 



The company, which does not comment on pending litigation, wrote to the SEC that it cannot “presently quantify” the expenses related to the lawsuits, but it “does not expect that the cybersecurity incident will have a material impact on its overall financial condition or on its ongoing results of operations.” 

Several mortgage companies have recently been the target of cyberattacks, including Mr. Cooper GroupFirst American and Fidelity National Financial Inc., the parent of servicer LoanCare. 

Mortgage executives told HousingWire that these attacks have put the industry in “alert mode.” They don’t have a clear answer for why the mortgage sector, mainly servicers, has sustained so many attacks of late. Still, they acknowledge that they keep a vast amount of customer data and some players may be vulnerable amid a shrinking market. 



Have A Question?

Use the form below and we will give your our expert answers!

Reverse Mortgage Ask A Question


Start Your Loan with DDA today
Your local Mortgage Broker

Mortgage Broker Largo
See our Reviews

Looking for more details? Listen to our extended podcast! 

Check out our other helpful videos to learn more about credit and residential mortgages.

By DDA Mortage July 13, 2026
Learn how to qualify for a mortgage using your assets like stocks, savings, and retirement funds, even if traditional income doesn't work. Discover DDA Mortgage's solutions.
By DDA Mortage July 8, 2026
Understand the potential shift from FICO to VantageScore. Learn how it affects your credit score, mortgage rates, and qualification. DDA Mortgage explains.
By DDA Mortage July 6, 2026
Qualifying for a mortgage has changed. Learn how income/debt ratios, home prices, and interest rates impact your ability to buy a home today.
Show More