Skip to main content 
U.S. mortgage lender loanDepot has suffered a cyberattack that caused the company to take IT systems offline, preventing online payments against loans.
loanDepot is one of the largest nonbank retail mortgage lenders in the USA, employing approximately 6,000 people and servicing loans of over $140 billion.
On January 5,2024, customers began experiencing issues when trying to log in to the company's payment portal to pay loans or contact them by phone.
Some customers took to X to find out what was causing the outages, and loanDepot responded that they were suffering a cyber incident.
"loanDepot is experiencing a cyber incident, which is affecting our phone lines. We are working diligently to return to normal business operations as soon as possible. We apologize for the inconvenience," the company stated on X.
This message also states that recurring automatic payments will continue to be processed, but there will be a delay in it appearing in the payment history. However, using the servicing portal to make a new payment will not be possible, and customers should instead contact the company's call center.
This message also states that recurring automatic payments will continue to be processed, but there will be a delay in it appearing in the payment history.
However, using the servicing portal to make a new payment will not be possible, and customers should instead contact the company's call center.
Although the company has not yet reported the nature of the attack if was ransomware, the threat actors would have stolen corporate and customer data during the attack, which they would use as leverage to scare the company into paying a ransom.
As loanDepot holds sensitive information about its customers, such as financial and bank account information, customers should be on the lookout for potential phishing attacks and identity theft.
In May, loanDepot disclosed a data breach resulting from a cyberattack in August 2022 that exposed customer data.