I have received quite a few emails from the field in regards to the Encompass outage that we experienced on Monday and Tuesday of this week. There are a lot of theories and articles flying around in regards to what actually happened, most of them calling it a “hack”. So I thought it would be good to share with all of you what we were told by EllieMae. The information below will be a tad bit on the “geeky” side but I will try to do my best to make it non-geeky.
The “Hack” in question was actually a DDoS Attack. DDoS stands for Distributed Denial of Service. What a DDoS attack consists of is hundreds, thousands, or hundreds of thousands infected computers (Called bots) sending thousands of requests per second to an internet site. The purpose is to saturate the site with traffic so that it is slow, crashes, or just simply becomes unavailable. In a real world scenario just imagine trying to get to Disneyland if everyone in California tried to go to Disneyland at the same time. Chances are you aren’t going to see Mickey anytime soon in that scenario.
The term “Hack” is being misused in these articles simply because the purpose of a Hack is to gain unauthorized access to a victims network. Now, sometimes a DDoS attack can be used in conjunction with a Hack, but EllieMae has stated that they have no evidence that anyone was able to penetrated their network. In short, all of our borrowers information was kept safe.
EllieMae’s explanation of a DDoS attack fits the facts of what happened over those two days for us. EllieMae has employed an external forensic team to help with their investigation. It is possible that this external team may uncover further information and I will relay that information to you as we get it. The number one concern we have as a company is and always shall be to make sure we protect the integrity of our customers private information. If you or any of your borrowers/Realtors are concerned, you can point them to EllieMae’s press release.
Jason C. Frazier