What Do I Need to Know About the Guaranteed Rate Data Security Breach?

  • The Fee Is Free Unless You Win®.
  • America's Largest Injury Law Firm™
  • Protecting Families Since 1988
  • 20 Billion+ Won
  • 1,000+ Lawyers Nationwide

Free Case Evaluation

Tell us about your situation so we can get started fighting for you. We tailor each case to meet our clients' needs.
Results may vary depending on your particular facts and legal circumstances. ©2024 Morgan and Morgan, P.A. All rights reserved.
Morgan Brothers Photo

The attorneys featured above are licensed in Florida. For a full list of attorneys in your state please visit our attorney page.

What Do I Need to Know About the Guaranteed Rate Data Security Breach?

Imagine giving a mortgage company incredibly sensitive personal information required to apply for a loan and then finding out that hackers were allowed to gain access to that information to use in ways that one can only imagine will be fraudulent and harmful. Well, that is precisely what happened in the Guaranteed Rate data security breach. 

Between June 9th and October 2nd, 2017, hackers gained access to some of Guaranteed Rate, Inc.'s customers' social security numbers and names. Employees of Guaranteed Rate were targeted in an email phishing scheme, and hackers were able to compromise a limited number of employee email accounts that held sensitive customer data. 

Around September 13th, 2017, the company finally took notice of this suspicious activity and began investigating but wasn't able to confirm whose data had been compromised until around January 7th, 2018, leaving the hackers months and months of freedom to do damage. Suppose your information was hacked, and you experienced fraud and identity theft due to this security breach. In that case, our data privacy attorneys are here to help.

What is a data breach?

Data breaches are considered a security incident where confidential personal information is stolen by nefarious individuals looking to exploit the stolen data. The stolen information can be anything from your name and address to highly sensitive information like social security numbers and bank account information. When the data holders discover the information has been viewed by an unauthorized party, that is known as a data breach. 

Is a data breach the same as identity theft?

A data breach doesn't automatically mean you're the victim of identity theft. When the hackers use your information to impersonate you for financial gain, then you've entered the frustrating world of identity theft. Criminals can use your information to take out loans, buy goods, and rack up debt. Usually, you realize what has happened only after debt collectors come calling. It can take months to clear up your good name and repair the damage in the actual case of identity theft. Having your personal information exposed is never a comfortable position to be in. Still, not all instances of data exposure result in fraud. However, having your name and social security number stolen would definitely warrant concern.
 

Scroll down for more

How it works

It's easy to get started.
The Fee Is Freeâ„¢. Only pay if we win.

Results may vary depending on your particular facts and legal circumstances.

  • Step 1

    Submit
    your claim

    With a free case evaluation, submitting your case is easy with Morgan & Morgan.

  • Step 2

    We take
    action

    Our dedicated team gets to work investigating your claim.

  • Step 3

    We fight
    for you

    If we take on the case, our team fights to get you the results you deserve.

Client success
stories that inspire and drive change

Explore over 55,000 5-star reviews and 800 client testimonials to discover why people trust Morgan & Morgan.

Results may vary depending on your particular facts and legal circumstances. Based on Select nationwide reviews

  • Video thumbnail for 5l3q2e67j8
    Wistia video play button
  • Video thumbnail for yfe952tcop
    Wistia video play button
  • Video thumbnail for z1bqwg9hkl
    Wistia video play button
  • Video thumbnail for s5nb3hnvkv
    Wistia video play button
  • Video thumbnail for t4elibxene
    Wistia video play button
  • Video thumbnail for 5nr9efxqj3
    Wistia video play button
  • Video thumbnail for e8s1x6u5jp
    Wistia video play button

FAQ

Get answers to commonly asked questions about our legal services and learn how we may assist you with your case.

  • What type of business is prone to a data breach?

    It makes sense that a mortgage company would be the target of hackers because of the type of information the hackers could get. Anybody who's ever had a mortgage remembers the mountain of paperwork required. In recent years, the Guaranteed Rate data security breach has been just one of dozens. 

    Who can forget the infamous Equifax debacle where 148 million people's highly sensitive data was compromised. In today's marketplace, it's common to have personal login accounts for everything from apps to consumer goods websites which are all vulnerable to attack. As recently as October 2021, potentially 82 million customers of Whole Foods Market had their credit card details compromised at more than 100 stores. 

    Companies like Neiman Marcus, Facebook, LinkedIn, Uber, Marriott Hotels, and First American Financial Corporation have all been hacked in 2021 alone, leaving millions of customers at risk.

  • How do data security breaches happen?

    It's no surprise that security breaches are on the rise. In 2020 the global computer security software company, McAfee, reported the cost of global cybercrime in 2021 was expected to be in the trillions. One would think major companies would be able to protect your data from prying eyes. Still, missing security patches or system malfunctions can happen. In the case of Guaranteed Rate's data security breach, email phishing was the culprit. 

    Phishing tricks victims into opening an email with a malicious link that can install malware or reveal sensitive information. Hackers are known to go to great lengths to spoof organizations to trick victims into thinking the emails are legitimate. They do this by using the same typefaces, logos, signatures, and phrasing of the real business. However, a billion-dollar mortgage company that originates over 100,000 mortgages per year should be more vigilant in training its employees in their handling of personal data.

    Financial services have the duty to protect customer information, especially when the average financial services employee has access to around 11 million files. Over 64% of all employees who work in financial service companies have access to more than 1,000 sensitive files. 

  • Can I sue for a data security breach?

    Our modern world is highly dependent upon the transfer of digital data to make our lives more convenient and to get things done quickly and efficiently. Still, when we provide sensitive data to financial institutions, we have the expectation that our privacy will be protected. When a data security breach occurs, we're left vulnerable to being the victim of fraud. Identity theft damage doesn't end with financial loss. The hassle, worry, and inconvenience of clearing up issues can be exhausting and time-consuming. 

    Suppose you suffer losses, whether financial or emotional. In that case, you could be eligible for compensation by filing a data privacy lawsuit against the company responsible for the breach. Let's take a minute to go over what the possible compensation could look like.

  • Possible damages available in a data breach lawsuit

    Rarely are you able to sue the original culprit behind the data breach, which is the hacker. That’s because the hacker could be, and often is in another country. However, you can hold the company that is responsible for allowing the breach to occur accountable because they are ultimately responsible for safeguarding your personal information. When they fail in that duty, they open the door for a lawsuit. Depending on the type of breach and the damages that ensued, you may be eligible for a sizeable amount of compensation which may include the following:

    • Costs associated with replacing credit and debit cards
    • Expenses related to correcting information damaged in the security breach
    • Service fees for resources that monitor and protect your personal information after the breach
    • The cost of credit reports
    • The cost of credit insurance
    • Emotional distress
    • Invasion of privacy
    • Damage to credit
    • Damage to reputation as part of the loss of credit
    • Any additional out-of-pocket expenses related to the breach
  • What can you do when your private data is stolen?

    Courts will expect that you took measures to protect yourself after you were informed of the data breach. In the case of the Guaranteed Rate data security breach, you should have received a letter from the corporation informing you of the breach, along with instructions on how to protect yourself. If you did not follow those steps, your award could potentially be less. 

    It's also important to save all correspondence with Guaranteed Rate, Inc. concerning the breach and all other communication you have with credit bureaus along with documenting any evidence of fraud or any other damaging incidents.

  • Has Guaranteed Rate, Inc. had other legal issues?

    There's no doubt that Guaranteed Rate is a successful company. Furthermore, there is no indication that the 2017 data breach had anything to do with employees purposely allowing hackers access to customer data. However, they've been in some serious hot water since then. 

    In early 2020, Guaranteed Rate, Inc. agreed to pay the government $15 million to settle a 2017 lawsuit filed in New York federal court by a whistleblower who alleged the company was driving underwriters to endorse ineligible loans and make false statements to the government to get insurance for home loan mortgages.

    The whistleblower also alleged the company fired her after she brought forth her concerns that the company was "engaging in fraud and submitting false claims" to the government. As part of the settlement, the corporation admitted to giving FHA underwriters gifts and commissions in violation of rules. Furthermore, there was an admission that it failed to adhere to requirements of self-reporting and certified loans for government insurance that were not eligible.

    When companies settle lawsuits, that's often because they're not willing to take their chances in court where the damages awarded could be substantially more. That may be because they know the evidence is not in their favor. According to the Justice Department, before and after Guaranteed Rate was notified of a federal investigation, the company started to take "significant measures" to end these practices.

  • How can a Morgan & Morgan data privacy attorney help me?

    Recovering financial loss and other damages related to identity theft is complex, and it's a constantly evolving area of the law. When it comes to something as crucial as your personal identity, it's important to use an attorney that specializes in this field. 

    Our data privacy attorneys not only have the expertise needed to tackle this challenging problem but also the resources that may be needed. Resources that may be relevant to your case could include private investigators, forensic accountants, and other data privacy experts who can help your case.

    In these kinds of cases, timing is crucial because every state has its own statute of limitations for bringing a data security breach lawsuit. However, in the case of a class action lawsuit, the time restriction could change. When you're in doubt whether you have a case or not against Guaranteed Rate, Inc. for the compromise of your personal data, contact one of our data privacy lawyers for a free and confidential case evaluation. 

Scroll down for more