The murky swamp in which Mortgage Servicers and the Mortgage Field Services Industry have co-existed in, for decades, finally took a turn for the worst. Mr Cooper, the cleaned up image of Nationstar, was bent over by hackers on 31 October 2023. It wasn’t like the Industry didn’t see it coming. For years, the websites and databases of National Association of Mortgage Field Services (NAMFS) members have been an open book. Whether it be the 3 billion plus records which Safeguard Properties broadcasted out across the internet; the 10 days in which Mortgage Contracting Services (MCS) websites were down; or the multiple data breaches of both Field Service Technician and Realtor personally identifiable information (PII) carelessly exposed, the common theme has been no one cares. In fact, in one of the most recent, critical exposures impacting Housing and Urban Development‘s (HUD) M&M FSM Awardee, JGM Property Group’s Joyce Milaszewski allowed laid off employee’s emails to be exposed and unmaintained. This resulted in her firm’s hijacked email address to send viruses to many other Industry firm’s including the International Association of Field Service Technicians (IAFST).
The troubling thing about Milaszewski and JGM Property Group is that even when confronted with the illegal activity instigated through her email servers; servers which could have been protected had she obeyed the law, she has refused to this day to even apologize. Milaszewski is not alone in this purposeful disregard of cyber security.
Craig Karnes, HUD’s Assistant Chief Procurement Officer for Field Operations, has turned a blind eye to millions of dollars in fraud as well as even the most basic of cyber security issues. In the Milaszewski incident, Karnes’ response was,
I appreciate you bringing it forward, but like many things, we are going to be somewhat limited in how much of the problem HUD is willing to take on directly.
In light of Karnes’ purposeful stonewalling of Freedom of Information Act (FOIA) requests, the reply isn’t really that surprising. It was this same mentality that allowed for previous hacks of Solar Winds and other providers to not only HUD, but the US government at large. The statement that a HUD Awardee is not responsible for even the most basic of rudimentary security, though, confirms what I have always stated that the Industry is the soft underbelly of the banking sector by through which malicious actors will eventually make their breach through.
Several days ago, Mr Cooper — the cleaned up name of Nationstar — was breached to such a point that they have shut down all computerized operations. Above, you can see what has been blazed on Mr Cooper’s website for several days now. Item 8.01 on Mr Cooper’s 8K filing with the SEC was excruciatingly empty in any meaningful details,
On October 31, 2023, Mr. Cooper Group Inc. (the “Company”) determined that the Company had experienced a cybersecurity incident in which an unauthorized third party gained access to certain technology systems. Following detection of the incident, the Company initiated response protocols, including deploying containment measures to protect systems and data and shutting down certain systems as a precautionary measure. The Company launched an investigation with assistance from leading cybersecurity experts and notified law enforcement.
The empty promises of simply giving some credit notification to compensate for the compromised personally identifiable information is part and parcel what is wrong with the Industry. And with the continued aggressive push of artificial intelligence (AI) throughout the Industry, including the complete control of prime vendor awardees by AffirmData, a foreign national provider of AI and property management, the reality is that it will only get worse. In fact, a recent Survey of inspection providers of one prime vendor has shown precisely how bad it is, even after eight months of negotiations. Nearly 61% of all inspections are now Rush work orders — 72 hours or less — and most of those are issued after 5pm and on weekends. Labor, as usual, takes it on the chin and still is not afforded the tens of millions of dollars in profits being reaped from Fannie Mae and Freddie Mac price increases. For all of the hype that is being pushed out about price increases, the reality is that AI has made things far worse for Labor and the five dollar inspections and absentee vendor managers offshored to India, are not worth the $5 being paid.
Things will change, though. With the focus now on education and the creation of an NAICS, for the first time in the history of our Industry, compliance will become more than lip service used in a manner to simply offload more upon Labor’s shoulders. And as Foreclosurepedia begins to wind down and the focus is placed upon the International Association of Field Service Technicians (IAFST), the change coming is no longer under the control of Management.
