FHA Publishes Cybersecurity Reporting Requirements

FHA Publishes Cybersecurity Reporting Requirements

As part of its ongoing efforts to protect the integrity of its systems and technology, the Federal Housing Administration published Mortgagee Letter 2024-10 to implement new procedures for reporting cyber-attacks.

Effective immediately, FHA-approved mortgagees that experience a potential or actual cyber incident must notify HUD via the FHA Resource Center at answers@hud.gov and HUD’s Security Operations Center at cirt@hud.gov within 12 hours of detection with the required information as outlined in the ML.

Once notified of an incident, representatives from HUD will contact the designated representative from the institution reporting the incident to determine the appropriate mitigation steps based on the nature of the incident.

Published by

Darryl Hicks

Darryl Hicks is Vice President of Communications for the National Reverse Mortgage Lenders Association. In this capacity, Hicks writes for NRMLA's publications, manages the association's web sites and social media accounts, assists committees and the Board of Directors, and manages the Certified Reverse Mortgage Professional designation. Prior to joining NRMLA in 1999, Hicks spent three years in the Washington, D.C. bureau for National Mortgage News.