The latest economic and policy trends facing mortgage servicers

Join this webinar for an in-depth roundtable discussion on economic and policy trends impacting servicers as well as a look ahead at strategies servicers should employ in the next year.

2021 RealTrends Brokerage Compensation Report

For the study, RealTrends surveyed all the firms on the 2021 RealTrends 500 and Nation’s Best rankings, asking for annual compensation data for the 2020 calendar year.

Steve Murray on the importance of protecting property rights

In this episode, Steve Murray, RealTrends advisor and industry stalwart, discusses some of the issues facing private property rights, including how a case in Germany could potentially affect U.S. legislation.

Lenders, it’s time to consider offering non-QM products

The non-QM market is making a comeback following a pause in 2020. As lenders rush to implement, Angel Oak is helping them adopt these new lending products.


WEI Mortgage becomes latest victim of data breach

Employee’s email account accessed via phishing scheme

Virginia-based WEI Mortgage disclosed this week that is the victim of a data breach that may have exposed the highly sensitive personal information of the lender’s customers.

WEI Mortgage, which is a subsidiary of Arc Home, revealed Monday that it discovered in September 2017 that one of its employees was the victim of a phishing scheme, which ultimately gained access to the employee’s account and perhaps other accounts.

According to the lender, with access to the email accounts in question, the hacker (or hackers) may have had access to numerous pieces of personal information including: Social Security number, date of birth, address, driver’s license or state identification number, passport number, bank account information, credit or debit card information, tax identification number, username and password, loan package information, and name.

The lender said that on approximately Sept. 20, 2017, it became aware of “unusual activity” tied to one employee’s email account.

After receiving the reports about the unusual activity, WEI began investigating to verify the security of its network and to determine the nature and scope of the potential breach.

The lender said that it engaged third-party forensic investigators, which determined that the company was the target of an email phishing attack that resulted in unauthorized access to certain employee email accounts.

Based upon the evidence found during the investigation, the lender determined that these email accounts were subject to unauthorized access between Sept. 13 and Sept. 28, 2017.

The lender cautions that its investigation found no evidence of actual or attempted misuse of personal information thus far, but the investigation showed that some personal information was present in the impacted email accounts at the time of the incident.

WEI said that the amount of personal information that was present in the impacted accounts varies by individual, but some of the above information was potentially exposed to hackers.

WEI also did not reveal the size of the breach or the number of potentially affected customers.

Additionally, health insurance information, health insurance group number, and health insurance member number of certain individual may have been exposed.

As for what the lender is doing now, WEI said that it takes the security of personal information “very seriously.”  The company said that it is “working diligently” to educate its employees about phishing scams and to confirm the ongoing security of its networks. 

WEI said that law enforcement was also notified of the breach, as well as applicable state regulators, as required by law. 

Additionally, the lender said that it is offering access to 24 months of credit monitoring and identity theft restoration services through AllClear ID to all affected individuals at no cost to them.

Most Popular Articles

Ex-loanDepot COO: Tony Hsieh cut corners to boost volume

The suit, filed by former COO Tammy Richards, accuses loanDepot CEO Anthony Hsieh of ordering the sales team to “trust [their] borrowers” and close loans, disregarding proper underwriting etiquette. 

Sep 23, 2021 By and
3d rendering of a row of luxury townhouses along a street

Log In

Forgot Password?

Don't have an account? Please