Hackers Auction Off LendingTree Consumers' Data

Cyber hackers are flagrantly selling data about consumers of LendingTree Inc. subsidiary QuoteWizard after the company detected unauthorized access on a cloud database hosted by Snowflake Inc. Several listings have appeared on cybercriminal forums, Bloomberg reported, and the stolen data is being sold to the highest bidder. 

“This is an ongoing investigation, and as soon as that investigation is complete we will notify all the impacted customers,” said Arun Sankaran, LendingTree’s chief information security officer.

LendingTree, an online loan marketplace, uses cloud data analytics company Snowflake for its business operations and has said it was notified earlier that its QuoteWizard subsidiary may have been affected. LendingTree has said that the breach didn’t affect information linked to the parent company or financial account information of QuoteWizard customers.

Reports noted that cybercriminals are demanding payments of between $300,000 and $5 million a piece from 10 different companies that were breached in a campaign that targeted Snowflake Inc customers, according to Austin Larsen, senior threat analyst at Google’s Mandiant security business. He explained that the hackers look to profit off the most valuable information stolen, which includes auctioning companies’ data on illegal online forums to try to pressure them into making payments. 

The attack, confirmed by LendingTree around June 10, quickly impacted market shares. By June 21, the company's shares were down 3.3% and Snowflake stock was down 1%. 

On June 25, LendingTree said it was investigating whether the company was a victim of a larger hacking campaign against Snowflake clients. 

“We take these matters seriously, and immediately after hearing from them we launched an internal investigation,” a LendingTree spokesperson said.