Intelliloan mortgage breach exposes customer PII, Social Security numbers, driver's licenses

Published: 1 October 2025
Last updated: 2 October 2025
Real estate home buying, mortgage lender
Image by Andy Dean Photography | Shutterstock

California mortgage lender Intelliloan has finally begun sending out breach notification letters to its customers about a previous March hack that exposed reams of sensitive data.

Nearly seven months later, the Irvine-headquartered company is alerting customers that hackers may have gained access to a treasure trove of sensitive information, putting them at risk of financial fraud, identity theft, and targeted social engineering attacks.

The company, which did not reveal how many individuals may have been impacted, has been in business since 1993 and has funded tens of thousands of loans across multiple states, records show.

ADVERTISEMENT

The company revealed in the September 26th letter that it “had identified unauthorized activity in a portion of its computer network on March 29th, 2025.” The lender had reported the breach to the Texas Attorney General’s office in May.

“We have worked diligently to determine what happened and what information could have been compromised,” it said.

Intelliloan breach notofication letter
Intelliloan customer breach notification. Image by Cybernews.

Treasure trove of sensitive data

Although considered a smaller outfit compared to other major mortgage lenders and national banks, Intelliloan was named by Lending Tree as one of the mortgage industry’s top 10 home-buying lenders in 2019.

Moreover, the amount of sensitive data stolen in the attack is paramount, triggering investigations and subsequent class action lawsuits by multiple data breach attorneys and at national law firms.

According to the notice, personal information accessed by the hackers includes:

  • Name
  • Social Security number
  • Address
  • Date of birth
  • Driver’s license number
  • Government-issued ID number (e.g., passport, state ID card)
  • Financial information (e.g., account number, credit or debit card number)
ADVERTISEMENT

Additionally, the personally protected health information of mortgage applicants held in Intelliloan systems was said to have been accessed by the cybercriminals.

The short two-page letter encouraged impacted individuals “to always remain vigilant, monitor your accounts, and immediately report any suspicious activity or suspected misuse of your personal information." It also offered customers complimentary credit monitoring and identity restoration services through CyberScout, a service provided by the TransUnion credit bureau.

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News
Google News Follow us

Intelliloan further stated it was working with law enforcement to strengthen its systems’ security and focus on continuous awareness training and assessment of our data security.

“The protection, privacy, and proper use of your information is paramount, and we are working to prevent this type of incident from occurring again,” the company said.

According to its website, Intelliloan specializes in mortgage lending and home loan products, including refinancing, HELOC, home purchasing, VA loans, FHA loans, reverse mortgages, and more.

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked