Academy Mortgage attacked by ransomware group

Academy Mortgage, independent mortgage lender from Utah has a potential data breach after being listed in the AlphV (Black Cat) list of targets. While Academy Mortgage has not yet authenticated these reports, the hackers rassert that they have acquired a substantial amount of "personal data" from the mortgage provider.

Academy Mortgage has not yet confirmed whether it fell victim to a ransomware attack, potentially due to an ongoing investigation.

In the BlackCat hacker post, the group states, "We have infiltrated your network for a significant duration, allowing us to study your business operations. Furthermore, we have obtained your confidential data and are prepared to disclose it. This includes customer/partner data, personal information, financial details, and other sensitive data."

Based on the statement from BlackCat, it seems that Academy Mortgage chose not to pay the ransom, leading the group to threaten the release of the stolen information.

Should Academy Mortgage's internal investigation confirm the leakage of consumer data, the company will be obligated to send data breach notification letters to all affected individuals involved in the recent security incident.

However, if and when Academy Mortgage verifies the compromise of confidential consumer data, the company will initiate the process of sending out data breach notification letters to all individuals whose information was compromised in the recent security incident.

Update - as of 15th of January 2024, Academy Mortgage reports that the data breach in March 2023 has compromised the personal information of 284,443 customers. Alphv, a ransomware group, claimed responsibility for the attack, threatening to release the data, but it's uncertain if this occurred