First American latest to report a cyber incident

Details about a cybersecurity incident, the latest in a series affecting mortgage and related businesses, at First American Financial remain scant at this time, including the depth of the breach.

"First American Financial Corporation has experienced a cybersecurity incident," a statement issued on Dec. 21 reads. "In response, the company has temporarily taken certain systems offline and is working to return to normal business operations as soon as possible."

The statement was placed on firstamupdate.com, which the company said it will update with the latest information. First American did not have any additional comments beyond the statement, which it also posted on X, formerly known as Twitter.

"No substantive additional information surrounding the incident was provided," a note from Bose George at Keefe, Bruyette & Woods read. 

Other companies that recently had to work through cybersecurity incidents are First American's larger rival Fidelity National Financial, as well as mortgage lender and servicer Mr. Cooper.

"While Mr. Cooper has quantified the impact they expect their breach to have on 4Q earnings, FNF has not," George added in his note.

It is not the first time First American had its systems breached, A 2019 incident may have allowed unauthorized access to more than 885 million records containing sensitive personal information going back to 2003.

As a result, First American entered into two legal settlements, the first in 2021 to the Securities and Exchange Commission in which it paid a $487,616 penalty for disclosure violations.

Then, just three weeks ago, the title company settled a complaint with the New York State Department of Financial Services for $1 million to cover the 2019 incident.

Another major incident took place in 2021 when title production software company Cloudstar was shut by a ransomware attack.