Roundpoint clients exposed due to MOVEit related data breach

Sovos Compliance, LLC ("Sovos") acting on behalf of RoundPoint Mortgage Servicing, LLC ("RoundPoint") reported a data breach incident. This breach event led to an unauthorized party gaining access to sensitive information belonging to RoundPoint's customers.

The data breach affecting RoundPoint Mortgage Servicing was caused by the exploitation of MOVEit program used by Sovos, a vendor utilized by RoundPoint

During the course of this investigation, Sovos confirmed that certain information pertaining to RoundPoint customers had been accessed by malicious hackers due to the vulnerability in the MOVEit application.  This incident did not involve unauthorized access to RoundPoint's internal IT systems. Instead, all compromised data was retrieved from Sovos' MOVEit application.

Upon discovering that sensitive consumer data had been exposed to an unauthorized party, RoundPoint Mortgage Servicing conducted a thorough review of the compromised files to ascertain which information had been compromised and identify the affected consumers.

No details are provided about the number of affected individuals nor the types of data exposed in the breach

On August 29, 2023, Sovos Compliance, on behalf of RoundPoint, initiated the distribution of data breach notification letters to all customers impacted by this recent security incident. These letters are expected to provide affected individuals with a comprehensive list of the specific data elements that were compromised.