Bayview Asset Management and three subsidiaries agreed to pay a $20 million fine and implement a remediation plan following the 2021 data breach that affected 5.8 million customers.
The agreement, announced Wednesday by the Conference of State Bank Managersincludes 53 national financial regulatory agencies. Including Bayview and its three affiliates, Lakeview Loan Service, Community Loan Assistance again Pingora Holdings share price.
Lakeview was the third largest company in the US as of September 2024, with a portfolio under management of 728 billion dollars, Inside Mortgage Finance.
Federal regulators pointed out that the company implemented “deficient cyber security measures” and “did not fully cooperate” following the 2021 data breach.
A representative for Bayview did not immediately respond HousingWirerequest for comment. The companies neither admit nor deny wrongdoing by signing the consent order, the document shows.
The case began in October 2021, when a Bayview Asset Management employee downloaded malicious software while doing a work-related Internet search, according to the settlement agreement.
Criminal actors exploited the breach, installed malware and extracted sensitive data, including personally identifiable information, from the company’s network.
Bayview and its subsidiaries responded by notifying affected consumers, providing support services, and providing free credit and identity theft monitoring.
Although the companies notified various state regulators and federal agencies and partners about the breach, they failed to meet the notification requirements of all state real estate regulators in a timely manner, the settlement says.
Federal agencies in California, Maryland, North Carolina and Washington led the multi-state investigation. They concluded that Bayview and its subsidiaries delayed the regulatory process by not promptly complying with the requests while the investigation was still underway.
The settlement requires Bayview to take corrective actions, including improving its cybersecurity programs, conducting independent audits and submitting detailed three-year reports to state regulators.
The 2021 data breach also sparked civil lawsuits against Bayview and its subsidiaries. The incident highlights the growing number of cyber attacks affecting the mortgage industry, with other recent cases involving companies such as Mr Cooper Group, First American, Fidelity National Financial again Fairway Independent Mortgage Corp.
Related
Source link
