Mortgage servicing provider Mr. Cooper Group shut down multiple systems after it determined a threat actor accessed certain technology systems on Oct. 31, according to a Thursday filing with the Securities and Exchange Commission.
The company initiated precautionary containment measures in response to the cyberattack, a move that’s temporarily halting recurring payments and leading customers to make one-time loan payments online, via phone, email or third parties. The status of customers’ loans were last updated Oct. 31.
Mr. Cooper is the third-largest mortgage servicer in the U.S. with more than 4.3 million customers, according to the company.
The Texas-based company said it notified law enforcement and contacted cybersecurity experts to assist in an investigation. “While the company’s investigation is ongoing, based on information currently known, the company does not believe this incident will have a material adverse effect on its business, operations or financial results,” the company said in the SEC filing.
The ongoing investigation has yet to determine if any data was compromised and Mr. Cooper said it will notify any customers that are potentially impacted. A temporary site was set up to provide customers with updated information, including details about how to make payments as the company works to return to normal operations.
Mr. Cooper assured customers that it won’t impose any fees or negative credit reporting for late payments until the issue is resolved.
“At this time, we believe this cybersecurity incident was isolated to Mr. Cooper systems and technology and did not affect any of the company’s clients’ or partners’ systems or technology,” a company spokesperson said in a statement.
The cyberattack against Mr. Cooper, which blocked millions of customers from making payments and processing mortgage transactions, is credit negative, Moody’s Investors Service said Tuesday.
“The full impact of the event will depend on the duration of the disruptions, ensuing potential reputational damage and magnitude of the breach,” Stephen Lynch, VP and senior credit officer for Moody’s, said in a statement.
Mr. Cooper services approximately 450 residential mortgage-backed securities, according to Moody’s.