LeadCritic Exclusive:
View article for most recent updates…
It is expected to be announced today that a former LendingTree employee was caught in a elaborate lead selling scheme. This has not yet been verified by LendingTree, but was brought to my attention by a number strong and reliable sources. An ex-lendingtree employee, possibly partnered with a current LendingTree employee, accessed LendingTree’s database of live consumer data and sold the data to a mortgage company/s.
Apparently, because social security numbers were included in the stolen data the FBI has been very closely involved. This is a major breach of security for the trusted lead generator.
How many times did this ex-employee sell the data? How many current employees were involved on the inside? How many mortgage companies knowingly or unknowingly bought this data? These are all unknown questions but hopefully be answered today.
A press release is schedule to go out today. I will keep you posted.
Update:
This is an excerpt from an email sent out to all Lendingtree buyers:
Lenders:
Today we notified some of our customers that their previous LendingTree loan request forms may have been seen by a handful of lenders without our authorization. These lenders then used the forms to market their own mortgage loans to our customers. While we don’t believe that the forms were used for any other purpose, we wanted to let our customers know what happened and what we did to correct this situation, as well as what they can do to monitor their credit records.
We believe that this situation has no impact on you, yet we wanted you to be aware, and to see the materials we have sent to our customers. The materials are available on the LendingTree web site located here ….
Excerpts from the letter to the consumers:
Dear LendingTree Customer:
We want you to know that some loan request forms our customers sent to LendingTree may have been seen by lenders without our consent. These lenders then used the forms to market their own mortgage loans to our customers. While we don’t believe that the forms were used for any other purpose, we want you to know what happened and what we did to correct this situation, as well as what you can do to monitor your credit records.
What Happened and What We Did
Recently, LendingTree learned that several former employees may have helped a handful of mortgage lenders gain access to LendingTree’s customer information by sharing confidential passwords with the lenders. When we learned of this situation, we quickly contacted the authorities, and LendingTree is helping with their investigation. We promptly made several system security changes. We also brought lawsuits against those involved.
Based on our investigation, we understand that these mortgage lenders used the passwords to access LendingTree’s customer loan request forms, normally available only to LendingTree-approved lenders, to market loans to those customers. The loan request forms contained data such as name, address, email address, telephone number, Social Security number, income and employment information. We believe these lenders accessed LendingTree’s loan request forms between October 2006 and early 2008.
Wow, for two years this has been going on!!
Who was involved?:
What mortgage lenders were involved in accessing LendingTree’s customer information?
We brought a lawsuit against Newport Lending Group, Irvine, California; Home Loan Consultants, Inc., Newport Beach, California; and Sage Credit Company, Irvine, California, in connection with this incident.
Update 4/24/08:
An article by the LA Times stated the following:
The suit claims that former LendingTree Vice President Jarrod Beddingfield and former Senior Vice President David Anderson recorded the passwords of employees and outside lenders that were authorized to access LendingTree customers’ data.
LendingTree said it believed that Newport Lending or Southern California Marketing paid Beddingfield and Anderson for the passwords, then sold them, or the consumer information obtained with them, to the three other companies.
Beddingfield and Anderson could not be reached for comment.
I guess LendingTree doesn’t pay well or these two scum bags are really greedy. This is not going to be the only lawsuit these two guys see. I can see a number of other lawsuits from the consumers and the lead buyers that will trickle down to these two clowns.
.
.
.
When Banks Compete?
Anyway, another reason why consumers should work with a local provider.
[Reply]
oh yeah and there is no risk of Joe Local’s processor walking out the door with your financial information either.
[Reply]
This is BAD.
To be honest I would have expected to see this from one of the “smaller guys” not LT.
I reiterate, this is BAD.
This will cause customers who read about this to think twice about giving their information online.
[Reply]
I think this is a non event = no ID theft here – and actually – the consumers not only got the Lt promise of “lenders compete” but had a few more quotes to sift through. I wonder if those lenders actually closed any of these deals? anyone know these lenders?
[Reply]
Owen,
If the report here is true….do you think that the FBI is just involved because some leads were sold inappropriately?
Either way as a consumer and a buyer the lack of control at LT is concerning if this is indeed true.
[Reply]
We will have to wait an see if the FBI claim is true. It was reported to me from an inside source that is was true because of the involvement of SS #’s even though the identities or data were not used.
Owen,
Are you at all concerned that the leads you purchased could have been sold multiple times more then you were told and could have easily took sales away from your company? Maybe I am blowing it of proportion.
[Reply]
Owen,
You need to stop drinking the LT kool aid. LT has had lack control for quite sometime, it finally bit them in the butt.
Also to all you other lenders out there, how secure is your company. I know for a fact that many lenders allow their LO’s to print off screenshots of the LT leads to work from. How easy would it be for those print outs to walk out the door. Do you have security measures in place to shred personal info? BTW, any and all lenders are subject to this issue. If you do not have a security policy in place, you better put one in place soon. And for those of you who do, you better make sure it is working!
[Reply]
I wonder if the consumers have a case against LT and will file a lawsuit for negligence and for the fact they were contacted by more people then promised?
[Reply]
http://www.charlotte.com/business/story/590991.html
[Reply]
concerned – sure, and drinking the LT coolaid has been pretty good for us – now that LT has this identified and is addressing it – i guess we will be closing more –
identity security is a big issue for all of us – think of how many companies know your name, social and address – and speaking of identity…..
tree hugger and lead buyer – you have names?
[Reply]
Owen I sent you an email. I would rather not reveal my identity here.
[Reply]
LT was not hacked. LT has a web access system and high paid LOs making an average of $7,500 per Interest Only ARM Loan for LTs internal lending division, LT Loans. To understand LT Loans and the level of senior management driven crime, Google for the lawsuit where LendingTree promises “When banks compete you win”. This lawsuit stems from the reality that the consumer’s identity info went only to their own internal lender LT Loans. LT Loans then displayed wholesaler names as lenders to the consumer and closed loans internally with LT Loans.
Yes the LendingTree Senior Team knew there was risk in letting LT Loans manage their own leads without matching to lenders on their network as the original business model was founded on. Each person on the senior team had a million dollar+ bonus based upon LT Loan Revenue- would you imagine the smiles around the table in senior team meetings when deciding it is ok to match only to LT Loans with million dollar+ plus internal bonuses?
Note that the CEOs on both coasts and most of the VPs on that senior team have decided to pursue family interests after their bonus payouts in cash and stock incentives. The senior team laid off people who managed their systems, and then their senior team was negligent in managing consumer data. Loan Officers stopped making high commissions and sold consumer identities to multiple dishonest lenders. LendingTree Senior Executives did not deactivate passwords to the systems that hold the 70+ consumer data fields including your address, your cell phone number, and your social security number.
Do you think while having weekly senior team meetings each and every senior executive with a bonus based upon margins at Lending Tree Loans choose not see the risk in sending consumer information to an internal entity without monitoring simple password deactivation? For more than 6 months, 10,000 new consumer records a day- the senior team continued to allow LT Loans to operate without shutting down passwords in their legacy systems.
Don’t believe it?
Here is the still public link to the LendingTree consumer data- Live today April 22, 2008.
https://lenderweb.lendingtree.com/login.aspx?ReturnUrl=%2Fdefault.aspx
All you need is one of their 485 lenders passwords- I am sure any script kitty with a password sniffer can help you get anything you want just like the felons were allowed to do internally by the Lending Senior Team.
If you want to file a report about LendingTree Here is the link to the FBI Mortgage Fraud Division. http://www.fbi.gov/page2/march07/mortgage030907.htm
https://tips.fbi.gov/ Identity Theft Fraud for Profit and by Senior LendingTree Executives is a possible topic. The FBI has a field office in Charlotte about 30 minutes from LendingTree so take the 3 minutes to file an online form. Of course this is just my opinion…
[Reply]
seniorexe – how do you know this? did you work at LT? or LTL?
[Reply]
You really have to wonder why SSN is intermingled with their lead data. That is against several regulations. Bottom line from this security professional is that Lending Tree are idiots. Their response has been very poor and I hope they go out of business.
[Reply]
I think those lenders who purchased leads from LendingTree should sue LendingTree…. They probably were loosing loans to other guys, because of competing not with 4(as promised) but with nobody knows with how many….
I wondering if LendingTree offered any compensation to participating lenders?
[Reply]
Also to all you other lenders out there, how secure is your company. I know for a fact that many lenders allow their LO’s to print off screenshots of the LT leads to work from. How easy would it be for those print outs to walk out the door. Do you have security measures in place to shred personal info? BTW, any and all lenders are subject to this issue. If you do not have a security policy in place, you better put one in place soon. And for those of you who do, you better make sure it is working!
LT was not hacked. LT has a web access system and high paid LOs making an average of $7,500 per Interest Only ARM Loan for LTs internal lending division, LT Loans. To understand LT Loans and the level of senior management driven crime, Google for the lawsuit where LendingTree promises “When banks compete you win”. This lawsuit stems from the reality that the consumer’s identity info went only to their own internal lender LT Loans. LT Loans then displayed wholesaler names as lenders to the consumer and closed loans internally with LT Loans.
[Reply]