Coppell-Based Mr. Cooper Facing Five Consumer Lawsuits From October Data Breach

Mr. Cooper Group, the Coppell-based mortgage loan servicer considered to be one of the largest companies of its kind in the United States, was hit with five lawsuits following an October data breach.

On Halloween 2023, the mega mortgage loan company was hit by a cyberattack that potentially exposed significant consumer personal information: full names, dates of birth, addresses, and even social security numbers. However, the company did not send out notifications to clients affected until Nov. 2. Further, the letter sent did not fully explain key details of the attack, such as how it happened and where the leaked data might be. Mr. Cooper also allegedly failed to explain the steps it would take in the future to protect its data and confidential consumer information.

As of this morning, these are the five separate suits according to reports from HousingWire and other national sources:

The lawsuits could expand: The firm handles $4.29 million in mortgage loans that amount to a total of $937 billion. Full disclosure: one of our real estate properties was serviced by Mr. Cooper until July, when the portfolio was sold to NewRez LLC out of Greenville, SC.

Plaintiffs seek class action certification and a jury trial. They accuse Mr. Cooper of not safeguarding their confidential personal information effectively, and allege that it was Mr. Cooper’s negligence that led to the data breach; loss of time and money in Mr. Cooper’s delayed response to the breach, and claim to be at risk of becoming fraud and identity theft targets. The damages requested are in the millions.

Mr. Cooper denies the claims, insisting all customer banking data is stored with third-party providers, and therefore unaffected by the data breach. The company already expects to lose anywhere between $5 to $10 million in vendor costs as a result of the attack.