RALEIGH, N.C. (WNCN) — One of the country’s largest mortgage servicers is dealing with the fallout from a targeted cyber-attack.
Mr. Cooper admits the sensitive information of nearly 15-million current and former customers was stolen during the breach.
Cybersecurity experts, like Mike Scheumack, chief innovation officer at IdentityIQ said a lot of people are now at potential risk due to the loss of that personal data that was accessed by hackers when they breached Mr. Coopers servers.
“It’s a data breach with a lot of sensitive information,” said Scheumack.
In official filings with the SEC and the Maine Attorney General’s office, the company admits nearly 15 million current and former customers and Applicants had their Social Security, birth date and bank account numbers compromised by the criminal hackers.
“It’s really everything important to your identity,” said Scheumack.
In response to the data breach, the company says on its website it’s offering 2 free years of credit monitoring with TransUnion, to any current or former customers.
However, some security experts said you need to do more because what Mr. cooper offers is too basic.
You should start by hitting all three credit bureaus, which are TransUnion, Equifax and Experian.
“You should still call each bureau and freeze it individually,” said Scheumack. “You can also have fraud alerts put on your accounts so that you can you’re alerted.”
“It also helps the credit bureau know that, ‘hey, my information was stolen and now I’m, I’m worried about it’,” said Scheumack.
Once your personal info is out in the wild, it’s bought and sold on the dark web by scammers and others who use it in various ways to defraud you.
“Your information, could really show up anywhere, it’s not just the dark web,” said Scheumack .
“There are sites and there’s ways to get to information from these data breaches,” he said.
There is also a class action lawsuit is being proposed against Mr. Cooper saying the company’s servers were “inadequately protected.”
The lawsuit is open to any person living in the United States whose private information was exposed to unauthorized third parties.
You can learn more here.
