It looks like the housing market is in trouble, yet again. If lending institutions were not already receiving enough negative attention in the media, the online mortgage firm LendingTree announced that it has suffered a data breach. The company has figured out the cause of this breach. Former employees illegally entered the system and granted other mortgage lenders access to customers’ personal data.

The extent of the breach is not fully known at this point. What is clear is that the information gathered by the other lending companies includes personal information, such as social security number, address, maiden name, and yearly income. All of this material is enough to allow someone to effectively steal the identity of one of LendingTree’s customers. It is advised that those who have taken out a mortgage with the firm consider purchasing an ID theft system, such as Lifelock. It is too early to tell how many people have been affected by this breach because LendingTree has been reluctant to provide full disclosure.

According to initial reports, the breach occurred over the course of 1.5 years, from late 2006 to early 2008. How the illegal activities of the former employees was discovered has not yet been released. LendingTree also remains silent on when the breach was first discovered and how long it took for them to alert the media. Although their discussions about the incident with the public have been limited, they have assured the media that they are fully cooperating with the authorities investigating the matter. The company also announced that it has taken legal action against the former employees and is suing them for damages. LendingTree, since the initial reports, has increased its security and has vowed to remain vigilant to prevent any future breaches from happening.

While some mortgage companies have praised LendingTree for its prompt handling of the situation, others have speculated that they did not act quickly enough. Their reluctance to share when the breach was discovered or the number of affected individuals is disconcerting to many. Equally troubling is the company’s claim that they believe no cases of fraud or identify theft took place. Unfortunately, this type of data breach is usually the cause of both activities. LendingTree’s claim does not seem to match up with their inability to share the full details about this case. Until LendingTree is able to alert its customers impacted by this breach, consumers need to remain vigilant. Purchasing Lifelock, or another ID theft service, is one step to take. Keeping track of individual credit card bills is also important. Consumers who have recently received an increased number of mortgage materials from other lenders will also want to check for illegal activity in their bank accounts.

Tags: lendingtree, lifelock

This entry was posted on Wednesday, May 28th, 2008 at 1:25 am and is filed under Corporate Breaches. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.