Mario Treto, Jr. Secretary at Illinois Department of Financial and Professional Regulation | Official website
Mario Treto, Jr. Secretary at Illinois Department of Financial and Professional Regulation | Official website
Illinois and 52 other state financial regulatory agencies have imposed a $20 million penalty on Bayview Asset Management LLC and its affiliates—Lakeview Loan Servicing, Community Loan Servicing, and Pingora Holdings—over inadequate cybersecurity measures and lack of cooperation with regulators after a data breach that affected 5.8 million customers.
The action was coordinated among the states to address both the failure to meet cybersecurity standards required by law and the companies’ delayed response to supervisory requests during the investigation. State regulators from California, Maryland, North Carolina, and Washington led the multistate inquiry, which concluded that Bayview Companies’ information technology practices did not comply with federal or state regulations.
“Safeguarding the personal information of Illinois consumers is a top priority for the Illinois Department of Financial and Professional Regulation (IDFPR),” said IDFPR Secretary Mario Treto, Jr. “We encourage businesses with concerns about cybersecurity compliance and best practices to work with IDFPR’s Division of Banking to ensure their customers are protected.”
The $20 million fine will be accompanied by a corrective plan intended to bring Bayview Companies into compliance with consumer data protection requirements.
Alerts Sign-up