Major Mortgage Company Cyber Attack Could Impact Central New Yorkers

One of Central New York's major home loans servicers is Mr. Cooper, and recently they just fell victim to a cyber attack. The disruption held up the mortgage payments of their huge customer base.

The results of this attack are still not fully known.

A common practice amongst mortgage companies is the buying and selling of homeowner mortgages. In many instances, a property owner may go to the closing table for the purchase of their new home and their mortgage has already been sold to another company.

Who is this Mr. Cooper guy?

Well, it's not actually a person. Mr. Cooper is the 3rd largest mortgage server in the nation with over 4.3 million customers.

I myself am a customer of Mr. Cooper, my mortgage was purchased by them, and my usual auto payment taken on the first of every month was delayed 9 days.

What other risks are there associated with the attack?

The company was not very clear on that. As of 11/9/23 the company released this statement to their customers on their website.

On October 31, Mr. Cooper experienced a cybersecurity incident. Our team took immediate steps to lock down our systems, and we are working around the clock with cybersecurity experts to resolve this issue as soon as possible.

As part of our ongoing investigation, we now believe that certain customer data was exposed. We are continuing to investigate precisely what information was exposed. In the coming weeks, we will mail notices to any affected customer and provide them with complimentary credit monitoring services.

Until that time, it is always advisable to monitor your financial accounts and credit reports for any unauthorized activity. You should immediately report any unusual activity to your financial institution. You can also contact the three major credit bureaus to place a “fraud alert” on your file at no cost, which alerts creditors to contact you before they open a new credit account under your Social Security number. Additionally, you should update your passwords frequently and with increasing complexity, and be mindful to not use the same password across multiple personal accounts.

 

I can tell you there has already been a slew of sketchy things happening to me, possibly as a result of this attack.

If my information was exposed it is possible my phone number was discovered. I know that because I began getting strange FaceTime calls from a barrage of random numbers.

When I answered, only once, I heard clicking sounds but no responses. Was this a random act of attempted scamming or was this a direct result of this cyber attack? It is not clear.

For two days straight the calls were constant and the only relief was to block each and everyone one of the 10 or more numbers that were attached to the FaceTime audio calls.

Finally, by Wednesday, November 8th, the calls subsided.

There has been no real answer to the cause or consequences of the attack

Hopefully, Mr. Cooper will have an answer soon.

The incident statement says,

We are still investigating what data may have been exposed. Please note that Mr. Cooper does not store banking information related to mortgage payments on our systems. This information is hosted with a third-party provider and, based on the information we have to date, we do not believe it was affected by this incident. As a result, we do not believe that any of our customers’ banking information related to mortgage payments was impacted.

The language "we do not believe..." is not that reassuring.

If your mortgage is serviced by Mr. Cooper and you want to inquire about this attack and the delay of payment, visit their FAQs page.

This incident is another reminder of the importance of always taking the proper steps to protect your data, passwords and online banking information.

You never know when or where the next cyber attack will occur.