Earlier this year, the U.S. Department of Housing and Urban Development (“HUD”) released an unannounced and immediately effective Cyber Incident Reporting Requirement (the “Original Requirements”) in Mortgagee Letter 2024-10, which imposed onerous requirements for Federal Housing Administration (“FHA”)-approved Mortgagees. These requirements included a 12-hour notification to HUD of even suspected incidents or incidents that violated [...]
