Following reports of a cyberattack at Fidelity National Financial, containment measures taken at the
In a
"The services we provide related to title insurance, escrow and other title-related services, mortgage transaction services, and technology to the real estate and mortgage industries, have been affected by these measures," it said in an SEC 8-K filing.
"Based on our investigation to date, FNF has determined that an unauthorized third party accessed certain FNF systems and acquired certain credentials," the report said. In order to limit damage from the incursion, the company said it blocked electronic access to some of the services it normally provides.
Ransomware group Alphv/Blackcat, which engineered an
Some customers of Fidelity National and its subsidiaries said they remain unable to obtain account information online or by phone, according to Techcrunch. Concerns have also been raised about the short-term ability to close escrow among FNF clients.
The troubles at FNF are the latest in a series of cyber security incidents mortgage-related businesses have encountered this year. In another high-profile attack in late October, a data breach at national lender and servicer Mr. Cooper left many clients unable to access their accounts for over a week. That breach has so far resulted in
Any sizable corporate victim in a cyberattack could spend weeks to determine the full extent of damage and type of information compromised, according to cybersecurity firm Digital Silence. Shutting down account access comes as an unwanted but necessary step to finding a solution, especially with attacks coming through web applications, a common fraud strategy.
"If there's a concern that a piece of technology in your environment was the initial point of compromise… you really want to make sure that you understand what they did to it, so you don't re-create the same problems," said J-T Gaietto, Digital Silence principal and chief of staff.
The greater quantity of data held by a business multiplies the time it takes to see the full picture after a cyber incident. "If I've got 10 records, it's really easy to see what I've lost. If I've got 10,000 records, it gets a lot harder. Now expand that across hundreds of thousands of records — terabytes upon terabytes of data," Gaietto said.
Fidelity National is also not the first title insurer to find itself dealing with the aftermath of an unanticipated cyber event. In 2019,
This week, New York State issued an additional $1 million penalty on First American for the same breach after a multiyear investigation. In addition to the monetary fine, the company agreed to implement more robust remedial measures to better secure consumer data.
"First American failed to maintain and implement effective governance and classification, access controls and identity management and risk assessment policies and procedures," the state's department of financial services said in a press release.
In 2021,