In October, Lakeview Loan Servicing revealed a significant data breach that went unnoticed for more than a month and exposed the personal details of above 2 million customers.
Any incident that leads to unauthorized access to data, applications, networks, or devices is referred to as a security breach. As a result, information is accessed without permission. It usually happens when an invader can get past security measures.
The breach that was discovered in early December, harmed 2,537,261 borrowers between Oct. 27, 2021, and Dec. 7, 2021, as per the firm. According to public notice The letters, an unauthorized person gained access to the firm's servers and data, including names, addresses, loan information, and Social Security numbers. One of the notices described the occurrence as an "external system breach."
Mortgage servicers receive mortgage payments from homeowners and remit them to investors, tax officials, and insurers via escrow accounts. Investors' assets in mortgaged properties are also protected by servicers, who ensure the homeowners have enough insurance coverage.
Customers have lodged eight class-action lawsuits in a Florida federal court since the servicer's revelation in mid-March, alleging Lakeview of breach of fiduciary responsibility, among other things, for failing to preserve personally identifiable information. In a complaint filed on behalf of Jennifer Morrill, a California client, Daniel Rosenthal, an advocate with DBR Law, P.A., said, "This PII was exposed due to Defendant's negligent, reckless, and willful acts and failures and the fails to secure the PII of Plaintiff and Class Members."
According to Morrill's lawsuit, the sum at risk surpasses $5 million, and the proposed class has more than 100 members. In Morrill's case, a filing on Friday asks that the court cases be consolidated, pending a judge's consent. On Monday, Rosenthal declined to speak on the lawsuit. Lakeview refused to respond to the claims in a statement but said it contacted the proper third parties and people after discovering the incident.
"Lakeview, like many other firms, encountered a security incident in 2021," according to the statement. "Steps were taken to contain the problem right once, law enforcement was alerted, and a forensic investigation firm conducted a comprehensive investigation." The operations of Lakeview were not hampered."
According to a public document with the State Attorney General's Office made by an outside counsel for the firm, the servicer didn't witness a breach in the previous 12 months. Affected consumers received a free year of Kroll free credit and identity theft protection from Lakeview.
The news comes amid an increase in fraud risk for mortgage lenders, who are more vulnerable to cyber attacks than other financial institutions. According to a new FundingShield Q1 2022 study, one out of every three transactions involves components of wire or title fraud risk, and wire errors and instances of perpetuated fraud are increased in about 6% of transactions.
"Keep in mind," warned Ike Suri, chairman, and CEO of FundingShield, a loan and title fraud protection service. "And when it comes to these percentages, we're talking big figures." As per Security experts, the percentage of visitors affected by the Lakeview breach, as well as the volume of information exposed, was substantial.
"It's a lot of data which will have repercussions on those people's current business and ongoing relationships, as well as the business itself," Suri said.
The operating assets to a mortgage loan are owned by Lakeview. They work with several Servicing companies to process payments, manage a trust, as well as provide customer support for their current mortgage.
