Cabot Financial acts for around 80 credit unions and other lenders, including banks. It also bought distressed mortgages in the past. Its website and some of its phone lines have been disabled by the attack.
In a statement to the Irish Independent, Cabot Financial said it is dealing with a cyber attack and said it was working with IT experts to protect the personal and financial details of customers in case these have been accessed by hackers.
“Cabot Financial Ireland (Cabot) has advised the Central Bank of Ireland, the Data Protection Commissioner and the National Cyber Security Centre that it is dealing with a suspected cyber attack. The company is addressing the matter with urgency,” the company said.
It said it was doing everything it can to minimise any detriment to customers. The firm said it is also working to ensure any payment arrangement and Central Credit Register impacts are appropriately addressed.
Today’s News in 90 Seconds – October 12th
“The company is working with expert third parties to ensure all appropriate steps are taken where personal data of customers may have been accessed,” the firm said.
It said it will provide any necessary updates to customers directly and recommends customers contact them directly if they have been approached by a party they do not recognise.
Cabot Financial said it is continuing to operate most telephone lines and is working to have all lines open as soon as possible. Customers dealing with the company may experience delays as additional security measures are deployed, it said.
A spokesperson for the Data Protection Commission (DPC) said: “We can confirm that we received a breach notification from Cabot Financial on October 4 and it is currently under assessment.”
The Central Bank, the regulator of Cabot Financial, was asked if the integrity of Cabot’s records have been compromised by the data breach and what that will mean for debt collection going forward.
It referred to an earlier response, when it said it was “aware of an issue that Cabot is dealing with”.
A chief executive of a leading credit union that deals with Cabot said some details of thousands of consumers may have been compromised. He said some credit unions have outsourced their entire credit control functions to Cabot.
The credit union boss, who did not want to be named, criticised Cabot for what he said was a lack of information given to credit unions about the breach.
He said Cabot Financial was slow to fully disclose what had happened, saying: “Credit unions are not angry that this has happened. Cyber attacks happen. But credit unions are really angry at the lack of information from Cabot.”
He said it was not clear how Cabot was responding to fears that “sensitive information” may now be in the hands of hackers.
The fear is that hackers have access to the names, addresses, emails, amounts of money owed and payment details of people it is collecting debts from, following the data breach.
In 2019 Cabot Financial was the subject of a data breach that was reported to gardaí, the Central Bank and the DPC.
It was feared sensitive information had been disclosed.
This included contact information and financial details, including the amount of the outstanding balances people owe on their mortgages.