The data breach that
The title insurer and real estate services provider Tuesday disclosed the scope of the hack for the first time in a Securities and Exchange Commission filing. First American hasn't defined the hack as a cyberattack, but said its probe was completed and that individual's personal information may have been accessed without authorization.
The incident, discovered Dec. 21, forced First American's systems to go offline for a week, a move which led its competitors to pick up its business. First American
The company said it would notify potentially affected clients and offer them complimentary credit monitoring and identity protection services. Tuesday's announcement was posted underneath a company disclosure regarding election results for its board of directors.
The hack on First American came amid a wave of cyberattacks on mortgage players, including major hits to
First American
Cybercriminals are likely to use First American's infrastructure to "island hop" to other financial services players, said Tom Kellermann, senior vice president of cyberstrategy at Contrast Security. He warned of the threat of home equity fraud, where a criminal could establish a line of credit against someone else's home.
"Inevitably the owner of the home is the one that's penalized by the system for not paying their debt," he said. "And that is increasing. That is my biggest concern regarding this breach."