LoanDepot [1] [2] [3] [4] [5] [6] [7] [8], a major US-based retail mortgage lender [8], recently disclosed a cyberattack in which hackers stole the personal information of approximately 16.6 million customers. This breach has raised concerns about the security of customer data and the potential risks of identity theft and fraud.


LoanDepot reported a cyberattack on January 8, where hackers gained unauthorized access to the personal information of around 16.6 million customers. The specific types of data that were accessed have not been disclosed by LoanDepot. In response to the attack, LoanDepot took some IT systems offline for investigation. Limited functionality was restored to customer portals on January 18 [5], and the servicing customer portal and mobile app are now fully operational [5].

The stolen information includes customers’ full names, Social Security numbers [7], and dates of birth [7], leaving them vulnerable to identity theft and other fraudulent activities. LoanDepot is currently working with external experts to investigate the incident and restore systems. While some customer portals have been brought back online [1], many online services remain inaccessible [1], causing difficulties for customers in making payments or accessing their accounts.

LoanDepot is taking steps to notify affected customers and is offering free credit monitoring and identity protection services [8]. They have also set up a microsite to provide operational updates and are working on restoring their loan origination and loan servicing systems. The financial impact of the cybersecurity incident has not yet been determined by LoanDepot. However, individuals who receive a data breach letter from LoanDepot should take measures to protect themselves and may be eligible for financial compensation [7].

Console & Associates [7], P.C. [7], a team of data breach lawyers, is currently investigating claims on behalf of those affected and can provide further information about their rights [7]. This is not the first time LoanDepot has experienced a data breach [3], as attackers previously gained access to information of 1,361 customers in 2022 [3]. LoanDepot CEO [1] [2] [3] [4] [6] [8], Frank Martell [2], expressed regret for the impact on customers and stated that the company will notify affected individuals and provide credit monitoring and identity protection services [2].

LoanDepot has been working to restore its technology systems since the cyberattack was reported to the Securities and Exchange Commission on January 8. However, the company is already facing a class-action lawsuit from a customer who claims that LoanDepot did not disclose the full extent of the breach and the personal information accessed [2]. The lawsuit accuses LoanDepot of negligence [2], breach of contract [2], breach of fiduciary duty [2], and unjust enrichment [2]. LoanDepot has not commented on the pending litigation [2].

Customers have experienced difficulties making mortgage payments and accessing online accounts following a suspected ransomware attack [6]. LoanDepot is working to restore normal business operations after a security incident involving data encryption [6]. Some customer portals have been restored with limited functionality [6].


The cyberattack on LoanDepot has had significant impacts on both the company and its customers. The stolen personal information puts customers at risk of identity theft and fraud, while the disruption of online services has caused difficulties for customers in managing their accounts and making payments. LoanDepot is taking steps to mitigate the impact by offering credit monitoring and identity protection services, as well as working to restore its technology systems [2]. However, the incident has already led to a class-action lawsuit, highlighting the potential legal consequences for LoanDepot. This breach serves as a reminder of the importance of robust cybersecurity measures and the need for companies to prioritize the protection of customer data.