The new year has just begun, but unfortunately, many people will be ringing in 2024 focusing on a data breach notification letter they may have recently received.

Cybercriminals never take time off during the holidays, and data breaches continued to be reported right up until the end of 2023.

Luckily, there are plenty of tools data breach victims can use to mitigate the risk they face as a result of these incidents. Just because a data breach notification letter lands in your mailbox doesn’t mean the new year is buried just yet.

In this installment of the BlackCloak Thursday Threat Update, we’ll cover a pair of data breaches both affecting millions of people.


Mortgage and loan company breach impacts nearly 15 million people

What we know: Texas-based mortgage and loan company Mr. Cooper Group Inc. announced it experienced a data breach affecting 14.7 million homeowners. While the company initially believed only four million people were impacted by the breach, further investigation found the number nearly reached 15 million. Compromised data points included customers’ names, addresses, phone numbers, Social Security numbers, dates of birth and bank account numbers.

Recommendations: On its page regarding the breach, Mr. Cooper said it will offer current and former customers two free years of credit and identity protection monitoring services through TransUnion as long as they were a customer as of Oct. 31st, 2023. It’s highly advised for Mr. Cooper customers to place a credit freeze and fraud alert on their accounts as well. Anyone affected by the breach should monitor their bank accounts for fraudulent activity and keep an eye out for phishing messages that may be sent through SMS text messages, a practice known as “smishing.”


Health management solution provider breach affects 4.5 million patients

What we know: Health management solution provider HealthEC experienced a data breach affecting 4.5 million patients who received care through one of its companies. The breach took place from July 14th to the 23rd, but was only discovered on December 22nd. Names, addresses, dates of birth, Social Security numbers and medical information were among the compromised data points.

Recommendations: Similar to the Mr. Cooper situation, anyone affected by the breach should place a credit freeze and fraud alert on their accounts as soon as possible. HealthEC recommends taking this action according to its page on the incident. HealthEC is also offering one free credit report from each of the three major credit reporting bureaus, Equifax, Experian and TransUnion.


Start 2024 safely

The new year may only be a few days old, but that doesn’t mean it’s time to put your guard down. By learning about different threats, and the tools to protect yourself, you can be prepared throughout 2024 for whatever you may face.


Learn how criminals obtain smartphone passcodes to steal your money, as well as how credit freezes and fraud alerts operate.