In guidance updated Monday, the company offered its customers several different payment methods, including by phone, mail, Western Union and MoneyGram. There is also a unique possibility of online payment.
The company claims to have more than 4.3 million customers and is the largest non-bank mortgage servicer in the United States. It provides services to homeowners nationwide and manages a $937 billion portfolio of services.
On Wednesday, customers trying to log on to Mr Cooper’s website to pay their mortgages or loans were notified that the company had experienced a technical failure.
The company later reported that the cyber attack had severely affected its systems. They did not respond to requests for comment on whether they were dealing with a ransomware attack.
“On October 31, Mr. Cooper was the target of a cyber security incident and took immediate action to lock down our systems to keep your data safe. Our systems remain down and we are working to resolve the issue as soon as possible,” the company said on a temporary website dedicated to providing updates on the situation.
Rest assured, you won’t incur any late payment fees, penalties, or negative credit reports as we work to resolve this issue. However, in an effort to protect systems and customer data, we have temporarily updated the available payment options.”
After discovering the attack, the IT team took “containment measures to protect systems and customer data, and disabled certain systems.”
The company added that it is investigating the incident to determine if any data was stolen. If they find that data has been accessed or extracted by hackers, the company has promised to provide victims with data protection services (which it does, of course).
Last week, the Federal Trade Commission raised concerns about cyberattacks on non-bank financial institutions and approved a new rule requiring them to report data breaches and other security breaches within 30 days.
The incident with Mr. Cooper is yet another reminder of the importance of cyber security in today’s digital world. It is important for financial institutions not only to take measures to prevent such attacks, but also to be prepared to effectively respond and recover if they do occur.