Fidelity National Financial now says criminals stole data belonging to 1.3 million customers after breaking into its computer network in November.
The mortgage giant, which has assets totaling $74 billion and is one of the largest providers of title insurance and settlement services in the United States, disclosed the “cybersecurity incident” in an 8-K filing with the SEC that same month.
At the time, the company said the digital intrusion forced it to shut down some IT systems and disrupt some of its services related to title and mortgage lending.
The ALPHV/BlackCat ransomware gang claimed responsibility for the attack shortly after, although the team revealed few details about the data they allegedly stole. It was before the police grasped the gang’s dark web site in December.
FNF has not yet described the incident as a ransomware infection and did not respond to our request. The registerquestions the nature of the cybersecurity incident.
In a modified 8-K report filed Tuesday, the FNF provided additional details about the intrusion that it said were based on the findings of its forensic investigation, which concluded Dec. 13.
“We have determined that an unauthorized third party accessed certain FNF systems, deployed a type of malware that does not self-propagate, and exfiltrated certain data,” the SEC filing states. “The company has no evidence that any customer-owned system was directly impacted by the incident, and no customers have reported that this occurred. The last confirmed date of unauthorized third-party activity in the Company’s network was on November 20, 2023.”
FNF also said it had notified about 1.3 million customers whose data had been stolen and would provide credit monitoring and identity services to those affected.
The company added that it “has been named as a defendant in several lawsuits related to this incident.” And she still says that “at this time, we do not believe the incident will have a material impact on the company.”
By doing so, it may believe it can absorb any financial impact resulting from the cyberattack. Another mortgage lender, Mr Cooper, said last month it planned to spend at least $25 million cleaning up its previous security breach, which saw almost 14.7 million pieces of data stolen. FNF’s annual profit in 2022 was over $1 billion and exceeded $500 million in its fiscal year to date; he can probably take the hit.
In addition to these two financial services companies, LoanDepot said Monday that it is experiment a “cyber incident” that took some systems offline. The lending giant, in a subsequent SEC filing, provided additional details about the security issue, which resembles ransomware.
“While our investigation is ongoing, the Company has determined that unauthorized third-party activity included accessing certain Company systems and encrypting data,” LoanDepot said in its statement. 8-K Report.
Fidelity continues to “implement measures to secure its business operations, bring systems back online and respond to the incident,” it added. ®