Recently, Lending Tree, LLC confirmed that the company suffered a data breach after discovering a “code vulnerability” on its website. According to Lending Tree, the breach resulted in certain people’s names, addresses, social security numbers and dates of birth being compromised. However, a third-party outlet has identified files on the dark web containing additional data types, allegedly from the Lending Tree breach. On June 29, 2022, Lending Tree filed a formal notice of breach and sent data breach letters to all affected parties.

If you have received a data breach notification, it is essential that you understand what is at risk and what you can do about it. To learn more about how to protect yourself against fraud or identity theft and what legal options are available to you following the Lending Tree data breach, please see our recent article on the subject. . here.

Lending Tree’s version of the recent data breach

According to an official notice filed by the company, on June 3, 2022, Lending Tree detected a “code vulnerability” that the company says “likely resulted in the unauthorized disclosure of certain sensitive personal information.” After investigating the incident, Lending Tree believes the vulnerability had been in place since mid-February 2022.

After discovering that sensitive consumer data may have been compromised, Lending Tree then reviewed the affected files to determine exactly what information was involved. Although the information disclosed will vary depending on the individual, it may include your name, social security number, date of birth, and mailing address.

On June 29, 2022, Lending Tree sent data breach letters to everyone whose information was compromised as a result of the recent data security incident.

Lending Tree, LLC operates an online loan marketplace that offers various types of consumer loans, including auto loans, small business loans, personal loans, credit cards, and others. The company also provides price comparison services for automobiles and educational programs. Lending Tree, LLC is based in Charlotte, NC, with offices in the San Francisco Bay Area, New York, Chicago, Seattle, and elsewhere nationwide. Over the past few years, Lending Tree has acquired various related businesses, including Thrive, SimpleTuition, CompareCards, DepositAccounts.com, MagnifyMoney, SnapCap, Student Loan Hero, QuoteWizard, and ValuePenguin. Lending Tree employs over 1,425 people and generates approximately $1 billion in annual revenue.

Conflicting reports regarding loan tree breach

The above information is all based on Lending Tree’s official statements regarding the breach. However, according to a news source, Lending Tree leaves out some very important facts.

The website RestorePrivacy, reported on Lending Tree’s breach after confirming that several users were in possession of consumer data that appeared to have been obtained from Lending Tree. According to the report, two dark web users apparently disagreed over whether to publish the leaked data for free or sell it for a fee. One of the users became unhappy with the other, and they then released the data for free public access on June 18, 2022.

RestorePrivacy reviewed the data, verifying that the information in the files appears legitimate. For example, they cross-checked names and addresses to see if they matched public records, finding that they did. Although not all log entries have been verified, it appears that 200,643 people were affected by the Lending Tree breach.

The information in the leaked files also appears to be more than Lending Tree indicated. According to RestorePrivacy, compromised data includes:

• E-mail address

• Name (first and last name)

• Physical address

• Phone number

• IP adress

• Date and time of loan form submission

• Prospect source (LendingTree.com)

• Type of loan sought by the applicant

• Description of the house

• Credit Profile Score

• Use of property

• military status

• house price

All entries appear to be from October to November 2021.

Obviously, there are still questions about the Lending Tree data breach. Data breach attorneys are currently investigating the incident to determine if the parties involved have any legal recourse against Lending Tree or any other company.