Mortgage company loanDepot has reported that the personal data of nearly 17 million customers was compromised in a ransomware attack that occurred in January.
The ALPHV/Blackcat ransomware group has taken responsibility for the breach, which affected sensitive customer information, including social security numbers, names, dates of birth, email and postal addresses, financial account numbers, and phone numbers.
As a result of the attack, many customers were unable to access their online accounts or make payments for several weeks. ALPHV has threatened to sell the stolen data unless loanDepot pays a ransom, but the company has not disclosed whether it intends to comply.
Ransomware incidents have increased recently, with Fidelity National Financial, the US branch of the Industrial and Commercial Bank of China, and securities lending platform EquiLend also falling victim to similar attacks.