Consumer Data Breach Alert: Primary Residential Mortgage, Inc.

Console and Associates, P.C.

Earlier this year, Primary Residential Mortgage, Inc. issued a press release indicating that the company experienced a cyberattack, which put the information of thousands of consumers and employees in the hands of an unauthorized third party. On October 27, 2021, Primary Residential Mortgage, Inc. sent out a data breach notification letter to all affected parties explaining that a hacker obtained access to some of the company’s electronic files. As a result, the names, Social Security numbers, driver’s license numbers, and government ID numbers of an estimated 59,559 consumers were compromised. Anyone who received the Primary Residential Mortgage data breach notification letter is at a greater risk of identity theft and other financial losses.

If you are among those who received a data breach notification from Primary Residential Mortgage, Inc., it is essential that you take immediate action to protect yourself. While it is too early to tell if Primary Residential Mortgage, Inc. bears any responsibility for the mishandling of consumer data, if so, impacted consumers may be able to pursue a claim for financial compensation against the company.

Can You Take Legal Action Against Primary Residential Mortgage, Inc.?

Businesses owe customers, as well as consumers, a duty to protect their information. When you applied for a lending product through Primary Residential Mortgage, the last thing you’d expect is that your personal information would end up in the hands of a potential criminal. However, that appears to be exactly what happened to more than 59,000 people. If a company mishandles consumer data, it may be financially liable to those whose information was accessed. However, data breach laws are complex, and, at this point, it is unclear whether Primary Residential Mortgage, Inc. mishandled consumer information leading up to the cyberattack. However, our data breach lawyers are currently investigating whether there is a possible class action lawsuit against Primary Residential Mortgage based on the recent data breach. If you have questions about your ability to bring a Primary Residential Mortgage class action lawsuit, it is important you reach out to a data breach lawyer as soon as possible.

What to Do to Protect Yourself if You Received a Data Breach Notification Letter from Primary Residential Mortgage, Inc.

If you received a letter from Primary Residential Mortgage, Inc. informing you that your personal information was compromised in the recent hacking event, you should take immediate steps to protect yourself. While receiving a letter is not a guarantee that your information is in the hands of a criminal, it does mean you are at a greater risk of identity theft. Below is a list of steps you can take to reduce the likelihood of identity theft or other negative consequences that could stem from the data breach:

  1. Read over the data breach notification letter in full to determine which of your information may have been accessed by the hacker
  2. Make a copy of the letter and keep it for your records;
  3. Sign up for the free credit monitoring service provided by Primary Residential Mortgage, Inc.;
  4. Log on to all online accounts and change your passwords, ensuring that they are both secure and unique;
  5. Check your bank account and credit card statements regularly, keeping an eye out for signs of unauthorized activity;
  6. Monitor your credit report regularly for any signs of fraud or identity theft;
  7. Contact a credit bureau to add a fraud alert to your account; and
  8. Notify all banks and credit card companies of the data breach.

About Primary Residential Mortgage, Inc.

Primary Residential Mortgage is a privately-held mortgage lender focused on providing a range of credit products to homebuyers and homeowners, including traditional mortgages, reverse mortgages and refinancing options. The company is based in Salt Lake City, Utah and has offices in 49 states.

More Info About the Primary Residential Mortgage, Inc. Consumer Data Breach

On August 8, 2021, Primary Residential Mortgage, Inc. experienced a data security event in which an unauthorized party accessed or acquired information contained on the company’s network. In response, Primary Residential Mortgage hired a cybersecurity firm to investigate further, and it was determined that some of the data contained the personal and identifying information of consumers and employees.

After reviewing the information accessed by the unauthorized party, Primary Residential Mortgage Inc. determined that the information accessed included the names, Social Security numbers, driver’s licenses numbers and government identification numbers of as many as 59,559 individuals. On October 27, 2021, the company sent out thousands of data breach notification letters to those whose information was compromised.

Below is a copy of the data breach letter issued by Primary Residential Mortgage, Inc. (the actual notice sent to consumers can be found here):

Dear [Consumer],

We are writing to inform you of an incident that may have involved some of your information. This letter explains the incident, measures we have taken, and provides some steps you may consider taking in response.

What Happened?

On August 8, 2021, we identified and addressed a data security incident involving unauthorized access to some of our systems. Upon discovering the incident, we took immediate action, and brought certain servers offline to secure the environment. We also initiated a thorough investigation, notified law enforcement, and third-party cybersecurity firms were engaged to assist.

What Information Was Involved?

Our investigation determined that an unauthorized party accessed or acquired certain data that was stored on our systems during the incident. On September 27, 2021, we determined that some of the data included the personal information of some individuals affiliated with PRMI, including a limited number of borrowers and employees. The type of information identified includes individuals’ names, Social Security numbers, driver’s license numbers and state or government identification numbers.

What Are We Doing?

In response to the incident, we have taken steps to help prevent a similar incident in the future including implementing additional security safeguards. In an abundance of caution, we are offering you a complimentary one-year membership to credit monitoring and identity theft protection services through IDX. IDX identity protection services includes 12 months of credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully managed identity theft recovery services. Please note the deadline to enroll is January 27, 2021.

What You Can Do.

We encourage you to sign up for the complimentary credit monitoring service and to remain vigilant by reviewing your account statements and credit reports for any unauthorized activity over the next 12 to 24 months. If you see any unauthorized activity, immediately alert the financial institution and consumer reporting agencies. For more information on IDX, including instructions on how to activate your complimentary membership as well as some additional steps you can take to help protect yourself, please see the pages following this letter.

For More Information.

If you have any questions, please call 1-833-989-3937, Monday through Friday, 7:00 a.m. to 7:00 p.m. Mountain Time.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Console and Associates, P.C. | Attorney Advertising

Written by:

Console and Associates, P.C.

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.