Cyber attack will impact First American's 4Q results

A pre-Christmas cyber event at First American is set to hit its bottom line, but the longer-term effect of the damage should have limited impact on the rest of 2024, the company said.  

In an 8-K filed with the Securities and Exchange Commission late last week, the provider of title insurance and other real estate services said the disruption to business meant missed revenue for the fourth quarter.

"As a result of the incident, certain transactions that would have been consummated in the fourth quarter of 2023 were delayed and, consequently, revenue from those transactions will not be recognized until the first quarter of 2024," the 8-K said.

"While the company expects the incident to have a material impact on the fourth quarter of 2023 results of operations, the company does not believe the incident will have a material impact on the company's overall financial condition or on its ongoing results of operations," the filing said. 

First American first detected unauthorized access to its technology system on Dec. 20 and temporarily isolated its website and email system, a move which left customers unable to communicate or conduct transactions for several days over the subsequent holiday weekend. Functionality began to be restored in the week after Christmas.     

On top of delays, some closings and other transactions that were expected to take place at First American at the end of the year instead moved to different providers, also resulting in lost revenue, the company said. First American indicated that some notifications from agents of title issuances, which supports its bottom line, were pushed until the first quarter this year as well. 

"In the fourth quarter of 2023 the company also incurred one-time expenses as a result of the incident," the Santa Ana, California-based enterprise said.

Earlier this year, First American disclosed perpetrators had stolen data during the cyber attack. In addition to exfiltrating information, the company believed fraudsters had "encrypted data on certain non-production systems." Company officials said it had contacted law enforcement officials. 

The immediate effect on financial earnings will likely come as little surprise to investors, according to research analysts at Keefe, Bruyette & Woods, but markets are still awaiting to see how large a dent it may make on anticipated revenue. The company is scheduled to report fourth-quarter and full-year 2023 earnings on Feb. 8. 

Long-term damage on the company's equity value is likely limited, KBW said. "Since this incident will not impact forward earnings, we do not expect it to have a meaningful impact on the shares," researchers Bose George, Alexander Bond and Thomas McJoynt-Griffith wrote in a statement this week.

In the third quarter of 2023, First American reported a $1.7 million loss, on the back of net investment profits falling into the red. Open title orders during the quarter clocked in at approximately 157,000. Its title insurance segment generated $1.5 billion in revenue.

Meanwhile, the title insurance industry as a whole saw business decline in the third quarter by 24% annually, as it dealt with dwindling loan originations and home sales. Companies wrote $4.1 billion in premiums between July and September. 

The cyber incident at First American came just a month after a similar attack on fellow title insurance provider Fidelity National, an event which has resulted in eight class action suits lodged thus far against the company or its subsidiaries. Fraudsters involved with ransomware giant Alphv/Blackcat have claimed responsibility for the Fidelity National attack. 

In a separate 2019 incident, First American also experienced a months-long data breach, which to date has led it to pay almost $1.5 million in penalties to the SEC and New York State.