Cyber Incident Victim: Lakeview Loan Servicing

Lakeview Loan Servicing, identified as one of the largest mortgage servicers in the United States and based in Coral Gables, experienced a cybersecurity incident involving unauthorized access to its file servers. The breach was discovered by the company in early December 2022, according to a customer notification letter dated March 18, 2023. Lakeview’s internal investigation determined that the unauthorized access resulted in the theft of sensitive customer information, including full names, physical addresses, and Social Security numbers. The compromised data exposed clients to potential identity theft and financial fraud risks due to the highly sensitive nature of the stolen identifiers. The company did not publicly disclose the exact number of affected individuals or the specific technical methods used by the attackers to gain access.

Lakeview delayed notifying impacted customers for approximately three months after discovering the breach, issuing formal communications on March 18, 2023. The notification letter, signed by Senior Vice President and Chief Compliance Officer Judith Tribble, confirmed the exposure of personal information but did not detail remediation measures offered to affected individuals. The breach prompted two separate federal lawsuits against Lakeview, alleging failures in safeguarding customer data and untimely disclosure. The incident drew public attention through media coverage by the Miami Herald, highlighting concerns over the company’s breach response timeline. No additional technical details regarding containment actions, forensic methodologies, or attacker attribution were disclosed in the available public reporting.