More than 83,000 individuals had their sensitive data compromised following a December cyberattack against Nevada-based mortgage lender Nations Direct Mortgage, which operates across 35 U.S. states, reports The Record, a news site by cybersecurity firm Recorded Future.
Attackers infiltrated Nations Direct's systems and potentially exfiltrated customers' names, addresses, Social Security numbers, and unique loan numbers with the company, said Nations Direct in a filing with California and Maine regulators. Individuals whose data were impacted by the incident have also been given two years of free identity protection services amid ongoing calls for victims by several law firms for a possible class-action lawsuit against the lending firm. Such an incident comes amid the increasing prevalence of cybersecurity incidents against mortgage lenders and other financial organizations in recent months, including separate ransomware attacks against Fidelity National Financial and Mr. Cooper in November, as well as incidents impacting First American and loanDepot in December and January, respectively.