Fidelity National Financial subsidiary says 1.3 million people affected by November cyberattack

A subsidiary of title insurance giant Fidelity National Financial reported a data breach to state regulators this week after a cyberattack in November.

LoanCare, one of the largest providers of loan servicing services, told officials at Maine And California that 1,316,938 people were accessed information by hackers who breached Fidelity National Financial – their parent company.

“On or about November 19, 2023, LoanCare, which performs or has performed loan outsourcing functions for your mortgage servicer, became aware of unauthorized access to certain systems within its information parent company, Fidelity National Financial, Inc. (“FNF”). technology network,” they said.

“Based on our investigation, we understand that your name, address, social security number, and loan number may have been obtained by an unauthorized third party. »

The notice adds that Fidelity National Financial notified law enforcement and government agencies about the attack after opening an investigation and hiring third-party cybersecurity experts.

Although they confirmed that the incident had been contained, they claimed that the hackers had successfully exfiltrated the data. Victims are offered two years of identity protection services from Kroll.

LoanCare was bought by Fidelity National Financial in 2009 for $16.3 million. The attack on Fidelity National Financial – which resulted in hundreds of home purchases last month in the US – was claimed by the AlphV/Blackcat ransomware gang.

Real estate agents, home buyers and many others were left in the lurch for days after the attack because home sales could not be finalized. Fidelity National Financial owns dozens of regional title companies such as the New York national title, the Chicago title, the Alamo title and the Commonwealth land title.

Shortly after this attack, the AlphV gang leak site was grasped by the FBI and other law enforcement agencies as part of a disruption operation that allowed them to access over 900 public/private key pairs controlling the infrastructure of AlphV’s darknet website.

The Cybersecurity and Infrastructure Security Agency (CISA) said that as of September 2023, the group’s subsidiaries “have compromised more than 1,000 entities – nearly 75% of which are in the United States and approximately 250 outside the United States – and demanded more than $500 million, and received nearly $300 million in ransoms.

The attack on Fidelity National Financial was part of a larger run of attacks on critical financial institutions by ransomware gangs this fall. Last week, one of the largest mortgage servicers in the United States said that information from nearly 14.7 million people was disclosed during a previously reported cyber attack in October.

Jonathan Greig is a breaking news reporter at Recorded Future News. Jonathan has worked as a journalist around the world since 2014. Before returning to New York, he worked for media outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.