Markeer uw agenda voor de ultieme vastgoedervaringen met de aankomende evenementen van Inman! Duik in de toekomst bij Connect Miami, dompel onder in luxe bij Luxury Connect en kom samen met marktleiders bij Inman Connect Las Vegas. Ontdek meer en sluit u aan bij de beste in de branche inman.com/events.
National mortgage lender loanDepot is declining to comment on ransomware group ALPHV/Blackcat’s claims that the group was behind a cyberattack that the lender has acknowledged exposed the personal information of 16.6 miljoen mensen to an “unauthorized third party.”
In Disclosing the cyberattack on Jan. 8, loanDepot declined to provide more specific information on exactly when the security breach occurred or whether the company had received a ransom demand.
But on Friday, Feb. 16, ALPHV/Blackcat claimed responsibility for cyber attacks on loanDepot and Prudential Financial, complaining on a dark Web site that neither company has complied with its demands.
Think Het register, an online news service for information technology professionals, the ransomware group claimed negotiators for loanDepot initially proposed paying $6 million to release the company’s data, an offer that the group later concluded was a stalling tactic.
“They [loanDepot] offered $6 million for the data and decryptor, but they said they could get a significant increase if we waited over the weekend — a tactic used by negotiators,” ALPHV/Blackcat reportedly posted on its dark Web page, according to another IT news site, RedPacket Security. “After the weekend was over, they disappeared.”
A spokesperson for loanDepot declined to comment on the group’s claims, but said in an email to Inman, “We’re 100 percent back up and operational, and have been for weeks.”
On Monday, Jan. 22, loanDepot posted on a cyber incident update page that it was still working on restoring its loan origination and loan servicing systems. The loanDepot spokesperson said the company’s systems were fully restored later that week.
The company had previously said that its loan servicing portal, which homeowners use to make their monthly mortgage payments, was back online “with some limits to functionality” on Jan. 18, and fully operational the following day.
De MyloanDepot customer portal for online loan applications and status tracking, mellohome’s website (which connects pre-approved homebuyers with partner real estate agents) and loanDepot’s HELOC customer portal were reported as back online Jan. 18.
Fidelity National Financial and First American Financial, which are the nation’s two largest title insurers, shut down their systems after similar security breaches in November and December. Mortgage servicing giant Mr. Cooper bijna 15 miljoen voormalige en huidige klanten op de hoogte gebracht in December that their personal information may have been compromised in an October data breach.
According to the FBI, ALPHV/Blackcat and its affiliates have compromised meer dan 1,000 bedrijven and government entities and received nearly $300 million in ransom payments.
The FBI has developed a decryption tool that it’s offering to victims to help restore their systems, saving dozens of victims from ransom demands totaling approximately $99 million,” the State Department said last week in announcing up to $15 million in rewards aimed at stopping the group.
The State Department is offering up to $10 million in rewards for information leading to the identification or location of anyone who holds a key leadership position in the ALPHV/Blackcat group, and up to $5 million for information leading to the arrest or conviction of anyone participating in a ransomware attack using the ALPHV/Blackcat variant.
The ALPHV/Blackcat group uses a “ransomware-as-a-service model” in which developers create ransomware and affiliates identify and attack “high-value victim institutions,” the Department of Justice said in a 19 december persbericht.
“Blackcat actors have compromised computer networks in the United States and worldwide,” the Justice Department said. ” The disruptions caused by the ransomware variant have affected U.S. critical infrastructure — including government facilities, emergency services, defense industrial base companies, critical manufacturing, and healthcare and public health facilities — as well as other corporations, government entities, and schools.”
Het ministerie van Justitie aangekondigd dinsdag that it had disrupted the operations of another ransomware group, LockBit, working with international law enforcement partners to seize public-facing websites and servers allegedly used by the group to extort victims. Two Russian nationals were indicted and charged with attacks against multiple U.S. and international victims.
The FBI and the U.K. National Crime Agency’s (NCA) Cyber Division have developed decryption capabilities to restore systems attacked by the LockBit ransomware variant, and victims are encouraged to contact the FBI to determine whether their systems can be restored.
Krijg Inman's Hypotheekbrief Nieuwsbrief rechtstreeks in je inbox bezorgd. Elke woensdag een wekelijkse samenvatting van al het grootste nieuws in de wereld van hypotheken en sluitingen. Klik hier om je in te schrijven.
- Door SEO aangedreven content en PR-distributie. Word vandaag nog versterkt.
- PlatoData.Network Verticale generatieve AI. Versterk jezelf. Toegang hier.
- PlatoAiStream. Web3-intelligentie. Kennis versterkt. Toegang hier.
- PlatoESG. carbon, CleanTech, Energie, Milieu, Zonne, Afvalbeheer. Toegang hier.
- Plato Gezondheid. Intelligentie op het gebied van biotech en klinische proeven. Toegang hier.
- Bron: https://www.inman.com/2024/02/21/ransomware-group-claims-it-was-behind-loandepot-cyberattack/
