Major US mortgage lender Mr. Cooper faces cyberattack

Company told clients the attack came on Oct. 31 and locked down its site

(Illustration by The Real Deal with Getty)

Major U.S. mortgage lender Mr. Cooper fell victim to a significant cyberattack, forcing the company to temporarily shut down several key systems, leaving customers unable to make mortgage and loan payments. 

The company’s website notified the public of the breach on Oct. 31, assuring customers that immediate measures were taken to secure their data, TechRadar reported.

As of Sunday, the company had the following banner on its website: 

On October 31, Mr. Cooper became the target of a cyber security incident and took immediate steps to lock down our systems in order to keep your data safe. As of Nov. 3 at 5pm CT, our systems remain locked down, and we are working on a resolution as quickly as possible. For the latest information, please visit https://incident.mrcooperinfo.com.

While Mr. Cooper didn’t explicitly confirm it was a ransomware attack, the decision to lock down systems suggested that it was a possibility. The company is investigating potential data compromises.

Sign Up for the undefined Newsletter

By signing up, you agree to TheRealDeal Terms of Use and acknowledge the data practices in our Privacy Policy.

In a statement to BleepingComputer, the company said it had begun alerting customers about the incident, hinting at potential data theft. Concerns over late payment penalties arose, but Mr. Cooper reassured customers that they would not face any fees, penalties, or negative credit reporting due to payment delays during the system downtime.

With services currently offline, the company advised customers to be cautious of any communications claiming to be from Mr. Cooper employees. Assuring customers that payments made through the ACH system would be processed once the systems were back online, Mr. Cooper provided customers with the reassurance that no immediate action was required on their part. With over 4 million customers and a loan portfolio of $937 billion, the mortgage lending giant’s cybersecurity breach has raised significant concerns among its clientele.

Mr. Cooper is the nation’s largest non-bank servicer of residential mortgages. Earlier this year, the company bought Michigan-based Home Point Capital for $324 million and will assume $500 million of the company’s outstanding debt, due in February 2026, the Dallas Morning News reported. The deal follows Mr. Cooper’s purchase of Rushmore Loan Management Services’ residential mortgage servicing platform in April.

— Ted Glanzer