$20 Million Fine Against Bayview Asset Management for Cybersecurity Failures Impacting 5.8 Million Customers

$20 Million Fine Levied Against Bayview Companies

01/08/2025

Tallahassee, Fla. – Today, the Office of Financial Regulation (OFR) and 52 state financial regulatory agencies announced a coordinated enforcement action against Bayview Asset Management LLC, and three of its affiliates, Lakeview Loan Servicing, Community Loan Servicing, and Pingora Holdings, for deficient cybersecurity practices and failing to fully cooperate with state regulators following a data breach that impacted 5.8 million customers.

In addition to the $20 million penalty, the Bayview companies have agreed to take specified corrective actions, improve cybersecurity programs, undergo independent assessments, and provide three years of additional reporting to state regulators.

“Today’s action highlights the need for financial services companies to take seriously their customer data safety responsibilities,” said Commissioner Russell C. Weigel, III. “The Office of Financial Regulation will continue to work tirelessly with our partners to protect Floridians and ensure the integrity of Florida’s financial services market.”

The multistate effort found that the Bayview companies’ information technology and cybersecurity practices did not meet state or federal requirements. Further, the Bayview companies delayed the supervisory process by failing to comply with state requests in a timely or complete manner in the early stages of the examination.

Florida residents with questions about the settlement should contact the OFR at (850) 487-9687. Floridians can also visit www.flofr.gov to verify that a financial services company is licensed to do business in Florida and view past enforcement actions.

)