The U.S. retail mortgage lender loanDepot is struggling to recover from a cyberattack that impacted its loan processing and phone service, the Associated Press reports.
In a filing on Monday with the Securities and Exchange Commission, the company said data was encrypted by the “unauthorized third party” who broke into company systems. It said certain unspecified systems were shut down to contain the incident.
The Irvine, California, company said it had contacted law enforcement and was still assessing how the attack might affect its bottom line.
The incident bore all the hallmarks of a ransomware attack, but company spokesman Jonathan Fine would neither confirm or deny that possibility. The attack apparently began over the weekend.
The company did not say whether any corporate or customer data was stolen during the break-in or when it was discovered. Ransomware criminals typically steal data before activating malware that scrambles data with encryption. That way, the criminals can extort the target even if it is able to quickly restore its networks from backups.
On its website, loanDepot told customers that recurring automatic payments were being processed and that they could make payments by phone.
