Planet Home Lending Discloses Ransomware Attack – NMP Skip to main content

Planet Home Lending Discloses Ransomware Attack

Jan 31, 2024
cybesecurity
News Director

Company attributes cybersecurity breach to vulnerability in third-party vendor software; provides credit monitoring for affected customers.

Months after a ransomware attack that occurred on Nov. 15, 2023, Planet Home Lending is reporting the incident to nearly 200,000 customers and offering two years of credit monitoring and identity theft services.  

In a letter filed with the Maine Attorney General's office dated January 25, it blamed a third-party vendor for the vulnerability that allowed the incident to happen. The lender sent the same notice to customers affected by the recent data security incident the day prior. 

"Planet was one of many companies around the world whose information security systems were compromised by the threat actor LockBit in connection with one of its recent global ransomware campaigns. The root cause of the incident was a vulnerability (which has been termed “Citrix Bleed”) existing in a software program that Planet purchased from Citrix Systems, Inc., a worldwide leader in technology solutions," the letter states. "While Planet had implemented multiple layers of security tools designed to prevent this type of unauthorized access, the threat actor was able to exploit this Citrix Bleed vulnerability to bypass these protections."

The personally identifiable information taken included customers' names, addresses, SSNs, loan numbers and financial account numbers. 

The company tells customers that it immediately took action following the discovery of the breach. 

"Upon learning of this incident, we promptly secured our environment, conducted a full forensic investigation to determine the nature and scope of the compromise, and notified the FBI. In accordance with the
standard recommendation of the FBI and financial regulators, we have not paid, and do not anticipate paying, any ransom amount to the threat actor," the letter continues. 

In recent months, four financial services companies — First American, Fidelity National Financial, Mr. Cooper, and loanDepot  — have each disclosed separate incidents involving cybersecurity breaches and ransomware attacks. All four companies have notified government authorities and impacted parties.

Meanwhile, Connecticut-based Planet Financial Group, LLC, the parent company of Planet Home Lending, announced it ended the year with residential origination volume at $25 billion, down 5% from 2022. Mortgage servicing rights ended the year at $104.69 billion, up 42% from 2022. 

About the author
Christine Stuart is the news director at NMP.
Published
Jan 31, 2024
14.5 Million Homes Sit Vacant. So Why Is Inventory Still So Tight?

New LendingTree data shows most vacant properties are vacation homes, rentals or otherwise unavailable to buyers, helping explain today's persistent supply crunch

Jul 10, 2026
Homebuyers Return During Short-Lived Mortgage Rate Decline

Redfin says a brief drop in mortgage rates lifted pending home sales to a two-month high, but rising rates and tighter inventory could test whether the momentum lasts

Jul 10, 2026
Luxury Home Prices Pull Further Ahead In Key Markets: Redfin

South Florida leads the nation in luxury price premiums, while high-end buyers continue to shrug off mortgage rates that are sidelining much of the broader housing market

Jul 10, 2026
Conforming Loans Slip Below Half Of Mortgage Production

June purchase locks climbed 14% year over year while non-conforming and Non-QM lending continued gaining market share, according to Optimal Blue

Jul 09, 2026
Wealth Gap Creates Two-Speed Housing Market As Home Prices Edge Higher: Cotality

May prices increased 0.8% year over year, with equity-rich buyers fueling gains in markets like San Francisco while affordability continues to sideline many traditional borrowers

Jul 09, 2026
FICO Survey Finds Credit Confusion Still Holding Back Prospective Homebuyers

New research finds affordability remains the biggest obstacle, but many future buyers also misunderstand how credit affects mortgage eligibility and pricing

Jul 08, 2026