Ellie Mae, a provider of enterprise level, on-demand automated solutions for the residential mortgage industry, concluded that the recent outage to its Encompass services was not a result of a malicious attack and confirmed that there was no breach of customer data.
The characteristics of the outage initially appeared to the company to be consistent with a distributed denial of service (DDoS) attack.
Ellie Mae reports outage caused by external attack
However, according to a release from Ellie Mae, after a thorough review of the incident, Ellie Mae concluded that there was no malicious attack on its systems. Accordingly, the company confirmed there was no breach of client or personal borrower data. The unexpected surge in service requests to Web servers that resulted in the outage on March 31was triggered by a confluence of factors involving network, hardware, software and demand for service.
Since the incident, Ellie Mae has added capacity and redistributed traffic across its data centers. The IT infrastructure has been functioning normally since April 1.
Sig Anderman, chief executive officer of Ellie Mae, said, “We are pleased to confirm there was no breach of client or borrower data. We sincerely apologize to our clients and any affected borrowers for the unavailability of Encompass services during the outage, and thank them for their patience and understanding as we worked to bring the system back to normal functioning levels. We are focused on continuing to enhance our systems to deliver the functionality, reliability and scalability our clients need to run their businesses, remain compliant and originate high-quality loans efficiently.”