CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
April 23rd, 2008

Former LendingTree Employees Sold Access To Customers Database

LendingTree has notified its customers that former employees helped unauthorized mortgage lenders hack into its systems and steal customer information from 2006 to 2008. These lenders then used the passwords to access LendingTree customer information files, normally available only to LendingTree-approved lenders, to market loans to LendingTree’s customers.
The files contained loan request data such as name, address, email address, telephone number, Social Security number, income and employment. Credit card information (such as account number or account balance) was not involved.

A LendingTree spokeswoman said the company was not granting interviews to discuss the data theft. She would not say how many customers were affected nor how much data was stolen, but instead supplied a copy of the customer letter sent by the firm.

The company began an internal investigation and reported it to the authorities, enhanced the security and brought lawsuits against the lenders and other persons involved: Newport Lending Group, Irvine, California; Home Loan Consultants, Inc., Newport Beach, California; and Sage Credit Company, Irvine, California.

LendingTree sent emails or letters to the mortgage customers that it believes, based on its investigation to date, might be at risk of having their information accessed and used by these mortgage companies to solicit mortgage loans.

Concerned clients can call LendingTree at 866-505-8874 to speak with one of the customer service representatives who are available from 9am to 9pm ET seven days a week.

Email, Bookmark or Share:
  • E-mail this story to a friend!
  • Digg
  • del.icio.us
  • StumbleUpon
  • Reddit
  • Technorati
  • Slashdot
  • Propeller
  • Google
  • Live
  • YahooMyWeb
  • TwitThis
  • Facebook
  • LinkedIn

More on CyberInsecure:
  • Personal Information Sent To An Analysis Firm Stolen From State Street Corporation
  • A Mistake At The University of Toledo Exposes 6500 Employees
  • Unauthorized Access To Stryker Corporation Employees Database
  • Intruder Gains Access To 128,000 Patients Database In Saint Mary’s Regional Medical Center Website Breach
  • Heinemann-Raintree Reports a Year And A Half Old Breach in Their E-commerce Website

    • Posted in Data Theft, Privacy | Print This Post Print This Post

    This entry was posted on Wednesday, April 23rd, 2008 at 12:06 pm and is filed under Data Theft, Privacy. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Former LendingTree Employees Sold Access To Customers Database

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « « Stolen Central Collection Bureau Server Exposes 700000 Personal Records
    Thousands Of Sites Infected In Renewed SQL Injection Attacks » »