January Ransomware Attack Prompts loanDepot to Notify 17 Million Customers

Well, allow me to tell you about a rather peculiar incident that swept through the cyber community not too long ago. It was a chilly evening on February 16, when I found out something intriguing about a certain group of hackers, known as BlackCat.

Now, these aren’t your typical cyber troublemakers – this is a serious bunch of skilled individuals who caused quite a stir when they mentioned a popular US financial services company, loanDepot, on their dark web shenanigans. Here’s where it gets interesting: they didn’t reveal any pilfered data or sensitive information. Instead, they humbly professed that loanDepot had all but engaged in conversation with them, eagerly offering a hefty sum of $6 million for a protective data “key”. Mind you, it was merely a promise to perhaps add to the pot after the weekend. But – plot twist – there was no further contact. Bit of a cliffhanger, don’t you think?

Not forgetting to mention, BlackCat stirred the pot even more by making a few rather bold, albeit unproven, accusations about how loanDepot handled such cyber incidents. However, without concrete evidence at hand, these remained unverified rumours, like whispers in the wind.

Fast forward to quite recently, this intriguing tale took yet another turn when loanDepot submitted a formal breach notification to the Maine Attorney General’s Office. According to the legal beagles handling their case, it appears no less than 16,924,071 customers were affected by this curious incident.

Now, loanDepot, not being the ones to leave customers in the lurch, penned a heartfelt letter, dated January 4, acknowledging the breach. They disclosed that in a mere two-day window, from January 3 to January 5, some significant data may have been compromised. This potentially included customers’ names, addresses, email accounts, financial details, social security numbers, phone numbers, and even birthdays. Quite the personal profile, wouldn’t you say?

However, here’s a niggling detail that seems not have been considered – there’s no mention in the letter regarding whether the customer data had been locked or if there were any backups available to restore services. BlackCat, reliable or not, claimed loanDepot was rather keen to acquire a decryption key during their fleeting interaction. Rather confounding, isn’t it?

Regardless, loanDepot reassured their clients of their regained control over the situation by providing updates on their website since January 8. And the best part? Most of their operations appear to be up and running again. Right as rain, you might say.

One can’t help but praise loanDepot for not leaving their clients high and dry. They seem to have a knack for making amends, extending two years of complimentary services via Experian. Such an occurrence indeed makes for a suspense-filled narrative, and a compelling lesson for everyone about the inescapable reality and risks of the cyber world. Nevertheless, it’s heartening to see businesses rise up and protect their customers, ensuring their digital profiles remain as private as a sealed letter. Closed with a loving kiss, no less.

by Parker Bytes