Skip to main content

Mr. Cooper Cybersecurity Incident Exposes Customer Data

Christine Stuart
Nov 10, 2023

Mortgage servicing company attempts to reassure customers while experts assess potential impact of the breach.

It's been over 10 days since Mr. Cooper experienced a cybersecurity incident that impacted its servicing system and now it believes customer data was exposed. According to an SEC filing, the attack could cost the company at least $5 to $10 million.

According to the company's website as of Friday morning, "We are continuing to investigate precisely what information was exposed. In the coming weeks, we will mail notices to any affected customer and provide them with complimentary credit monitoring services." 

Until then, the company says customers should monitor their accounts and contact the three major credit bureaus to place a "fraud alert" on their file at no cost.

The statement goes on to say, "We do not believe that any of our customers' banking information related to mortgage payments was impacted." The company said customers can now access their accounts through the website and automated phone system and will not incur any fees or penalties as a result of late payments. 

"We continue to conduct a thorough investigation and have not reported the total customer impact number at this time. Any customer impact number reported in the media is speculation," a company spokesperson said Friday. "We continue to make great progress restoring our operations in a safe and secure manner, and are taking customer calls and payments." 

In a recent regulatory filing, Mr. Cooper stated that it believed the cyberattack would not result in a "material adverse effect" on its operations or finances.

"While we cannot presently quantify the full extent of remediation and legal expenses associated with this cyber attack, we do not believe the impact will be material to our results of operations or financial conditions. We estimate fourth-quarter earnings will include $5 to $10 million of additional vendor costs," Friday's filing stated.

On Tuesday, Stephen Lynch, a senior credit officer at Moody's Investors Service, told the New York Times that Moody's was closely monitoring the incident. The ultimate impact, Lynch noted, would hinge on the duration of the disruptions, potential reputational harm, and the scale of the security breach.

The Oct. 31 attack came days after the mortgage servicing company reported third-quarter net income of $275 million on Oct. 25. After adjusting for mark-to-market and specific other factors, the company reported a pretax operating income of $249 million. 

The company inadvertently may have painted a bull’s eye on its back. In addition to healthy third-quarter profits, company officials said during an earnings call it was the biggest and best. During the call, Chairman and CEO Jay Bray said that Mr. Cooper Group is now the "industry's largest servicer. We are also the most efficient."

Nov 10, 2023
More from
PowerVP + The Rate App: Two Apps That Will Revolutionize Mortgage Lending

Guaranteed Rate Invents New Mobile App To Significantly Enhance Loan Officers’ On-The-Go Capabilities

Nov 08, 2023
Mr. Cooper Locked Down By Cyber Attack

One of the country’s largest mortgage servicers was hit on Halloween; still locked down almost a week later.

Nov 05, 2023
Sailing New Seas

Weighing the benefits and risks of off-shoring

Oct 03, 2023
Fewer Dollars To Close

IMBs weigh in on finding savings in the loan process

Oct 03, 2023
Before Selling To Fannie And Freddie: Be Alert

Gain the expertise and experience to analyze basic decisions

Oct 03, 2023
Capital Markets Are Driven By …

GSEs, private institution originations, shifts in demand play leading roles

Sep 07, 2023