LendingTree Data Breach Investigation

The Lyon Firm is actively involved in class action personal privacy and data theft cases and is currently investigating LendingTree data breach claims on behalf of plaintiffs nationwide.

A threat actor has released a large data set on a popular hacking forum that allegedly came from LendingTree.com. LendingTree has begun sending out data breach notification letters, and reports suggest that private information from 200,643 loan applications from the United States may have been leaked.

LendingTree LLC is a company based in Charlotte, North Carolina, specializing in connecting consumers with lenders. Consumers can complete loan applications on the website and then compare different lending options, credit cards, and insurance.

Such a security breach, if confirmed, would put thousands of people at risk for identity theft and financial fraud, as well as put them at risk for targeted attacks regarding home loans. Cybercriminals can use private information like names, addresses, phone numbers, and credit scores to open accounts in a victim’s name and possibly finalize financial transactions.

What Happened?

On June 3, 2022, LendingTree may have experienced a data breach in which the sensitive personal identifiable information of individuals was compromised. LendingTree determined that a code vulnerability likely resulted in the unauthorized disclosure of some sensitive personal information. According to letters sent to victims, the company believes the unauthorized disclosure began in mid-February 2022.