The company is offering affected individuals credit monitoring and identity theft restoration services
WEI Mortgage has announced that the email accounts of some of its employees were improperly accessed after an email phishing attack, putting the security of some personal information at risk.
The company said that in September, it received reports of unusual activity in an employee's email account. An investigation was immediately opened to confirm the security of its network and to determine the nature and scope of this event.
WEI Mortgage found that an email phishing attack resulted in unauthorized access to some employee email accounts. With the assistance of third-party forensic investigators, the company found that these email accounts were subject to unauthorized access between Sept. 13 and Sept. 28.
While the information present in the impacted email accounts varies, the personal data may include some combination of the following: Social Security number, date of birth, health insurance information, health insurance group number, health insurance member number, address, driver's license or state identification number, passport number, bank account information, credit or debit card information, tax identification number, username and password, loan package information, and name.
WEI Mortgage said the investigation did not show any evidence of actual or attempted misuse of personal information.
Following the breach, WEI Mortgage said it is educating its employees about phishing scams and confirming the ongoing security of its networks. The company has also notified law enforcement and the applicable state regulators of the incident as required by law.
As an added precaution, the company is offering affected individuals access to 24 months of credit monitoring and identity theft restoration services through AllClear ID at no cost.