Cyberattack at AnnieMac affects 171,000 customers
Add American Neighborhood Mortgage Acceptance Company LLC, doing business as AnnieMac, to the list of mortgage lenders that have recently suffered a data breach from a cyberattack.
The company notified state authorities that it became aware of “suspicious activity” of certain systems within its network in August. After an investigation, it concluded that cybercriminals infiltrated its systems, potentially accessing and acquiring files containing sensitive personal information of 171,074 customers.
“The investigation determined that between August 21, 2024, and August 23, 2024, an unknown actor gained access to systems on AnnieMac’s network and viewed and/or copied certain files from these systems,” the company said in a written notification on Thursday to state authorities in Maine. “The type of information affected by this event includes name and Social Security number.”
AnnieMac CEO Joseph Panebianco said, “Cyber threats are an unfortunate reality in today’s digital world.” However, he added, “Thanks to our team’s vigilance and proactive monitoring, we detected the attack early and acted swiftly to secure our systems, minimizing potential harm and notifying those affected.
“While no information has been confirmed as taken, we are responding with the utmost caution. This includes offering complimentary credit monitoring and identity theft protection services to impacted individuals as part of our unwavering commitment to safeguarding our customers’ trust.”
Individuals affected will have access to credit monitoring services for one year through CyEx, which the lender offers. The company said notifications were sent to customers, state and federal regulators, and the three major credit reporting agencies.
New Jersey-based AnnieMac originated $2.5 billion in mortgage loans in the last 12 months, according to the mortgage tech platform Modex estimates. Most of it is conventional (52%) and purchase (75%) loans. AnnieMac has 447 sponsored loan officers and 74 active branches as of Monday, per the Nationwide Multistate Licensing System (NMLS).
AnnieMac is now part of the group of mortgage lenders targeted by cybercriminals, which also includes Mr. Cooper Group, loanDepot, Fairway, Nations Direct Mortgage, and Fidelity National Financial Inc., parent of servicer LoanCare.