Mr. Cooper leaks 2M customer records via unsecured database
Learn More
Mr. Cooper, a prominent U.S. mortgage and loan company, has caused a significant data exposure incident involving more than 2 million of its customers.
The incident is attributed to an unsecured Google Cloud storage bucket. Cybernews research team's findings revealed that the open database contained personal information of 2.7 million individuals, including: names and phone numbers, and information on 1.7 million individuals, including names and emails.
Additionally, over 500,000 customers from various other mortgage companies serviced by Mr. Cooper:
- 207,672 United Wholesale Mortgage customers
- 161,761 LakeView customers
- 53,924 Veterans United customers
- 37,384 USAA customers
- 35,794 RightPath Servicing customers
- 12,722 Wintrust Mortgage Customers
- 3,778 Paddio Customers
The data breach included "enrollment links" that could be exploited by malicious actors to change account settings without login credentials, such as enabling "Paperless" features, highlighting significant security vulnerabilities in the system's design.
It's not clear how long the storage bucket was exposed online and whether any malicious actors managed to exfiltrate the data.
This event follows a separate major data breach disclosed by Mr. Cooper, which impacted 14.6 million individuals, although no direct link has been established between the two incidents.
