Mortgage company loanDepot says that the personal data of nearly 17 million customers was stolen in a January ransomware attack.
The ALPHV/Blackcat ransomware gang has claimed responsibility for the attack, which compromised customer social security numbers, names, dates of birth, email and postal addresses, financial account numbers, and phone numbers.
The breach left millions of customers unable to access their online accounts and make payments for several weeks.
ALPHV has threatened to sell the data if a ransom is not paid by loanDepot. The company has not revealed whether it has complied.
Ransomware attacks have been on the rise in recent months, with Fidelity National Financial, the US arm of Industrial and Commercial Bank of China and securities lending trading platform EquiLend among the victims.