top of page

Mortgage Subservicer LoanCare's Data Breach Affects 1.3 Million Customers Background of the Incident

Mortgage Subservicer LoanCare's Data Breach Affects 1.3 Million CustomersBackground of the Incident
Mortgage Subservicer LoanCare's Data Breach Affects 1.3 Million CustomersBackground of the Incident

LoanCare LLC, a subsidiary of Fidelity National Financial (FNF), recently faced a cybersecurity challenge. On November 19th, FNF detected unauthorized access to its systems, potentially compromising the personal data of over 1.3 million homeowners. This breach included sensitive information such as names, addresses, Social Security numbers, and mortgage loan numbers.

Immediate Actions and Consumer Notifications

Upon discovering the breach, FNF acted promptly to contain the situation by November 26th and fully restored operations by December 6th. LoanCare, on its part, has been proactive in communicating with affected consumers. They have assured customers that there is no current evidence of fraudulent use of their personal information. However, as a precaution, LoanCare is offering 24 months of complimentary identity monitoring services through Kroll. This service includes credit monitoring, fraud consultation, and identity theft restoration.

Scope of the Data Breach

The breach was first identified in FNF's systems, a company renowned for its title insurance services through brands like Chicago Title and Fidelity National Title. FNF also provides technology and services in the real estate sector through various subsidiaries. The full extent of the breach across FNF's network of companies is currently under investigation.

Regulatory Compliance and Consumer Advice

In compliance with regulatory requirements, LoanCare notified the Maine Attorney General's office on December 22nd about the potential exfiltration of customer data. They also issued consumer notices advising clients to remain vigilant, regularly review account statements, and obtain credit reports from the three national credit reporting companies.

Broader Impact and Industry Context

This incident is part of a larger trend of cybersecurity attacks targeting businesses and government entities. Notably, FNF's competitor First American Financial and the loan servicing company Mr. Cooper have also reported similar breaches.

Government and Industry Response

The U.S. government, through the Department of Justice and the FBI, is actively addressing these cybersecurity threats. They have developed a decryption tool that has already aided many victims. Additionally, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) has issued advisories on steps companies should take to bolster their defenses against ransomware attacks.


- LoanCare LLC, a mortgage loan subservicer, reported a data breach affecting over 1.3 million customers.

- The breach, stemming from an attack on parent company Fidelity National Financial, compromised personal data, including Social Security numbers.

- LoanCare is offering free identity monitoring services through Kroll to affected customers.

- The breach is part of a wider pattern of cybersecurity attacks in the industry, with similar incidents reported by other companies.

- Government agencies are actively working to combat these threats, offering tools and guidelines to mitigate the impact of such attacks.


1. What type of personal information was compromised in the LoanCare data breach?

- Names, addresses, Social Security numbers, and mortgage loan numbers were compromised.

2. How is LoanCare responding to the data breach?

- LoanCare is offering 24 months of free identity monitoring services and has informed affected consumers.

3. Were other Fidelity National Financial subsidiaries affected by the breach?

- The extent of the breach across FNF's subsidiaries is still under investigation.

4. What should affected consumers do following the breach?

- Consumers should monitor their credit reports and account statements, and report any suspicious activities.

5. How are government agencies responding to these cybersecurity threats?

- Agencies like the FBI and CISA are providing decryption tools and issuing guidelines to help combat these threats.

Data Points

1. Date of Breach Discovery: November 19.

2. Number of Affected Consumers: Over 1.3 million.

3. Identity Monitoring Services Provider: Kroll.

4. Duration of Free Identity Monitoring Offer: 24 months.

5. Other Companies Recently Affected: First American Financial


bottom of page