Following a
In a filing with the Maine attorney general's office last week, Loancare revealed personal identifiable information, including Social Security numbers, of 1,316,938 customers were exposed in the event, which occurred on Nov. 19.
In correspondence being sent to affected clients, the Virginia Beach, Virginia-based company said it "determined that an unauthorized third party exfiltrated data from certain FNF systems," while noting it had not seen any fraudulent use of customer information thus far.
"Based on our investigation, we understand that your Name, Address, Social Security Number, and Loan Number may have been obtained by the unauthorized third party," the letter added.
As part of requirements to protect potential victims, Loancare is offering 24 months of
While Fidelity National attempts to address the fallout, neither it nor any of its subsidiaries have identified the perpetrators of the attack, although the notorious ransomware group Alphv/Blackcat claimed responsibility.
The Maine filing came just days after
And in an unwelcome recurrence to end the year, First American also
As of midday Tuesday, First American's website was still offline with updates provided through an affiliated link, firstamupdate.com. The latest hack occurs just weeks after the company paid a $1 million penalty to New York State following a months-long data breach in 2019.
The current event caught the attention of Fitch Ratings, who said it was monitoring the situation. The agency, though, affirmed its ratings of First American's title insurance subsidiaries despite ongoing difficulties, citing its role as the second largest residential title insurer in the U.S. as well as a leader in the commercial market.
"However, the ratings could be impacted the longer business operations remain constrained, if the investigation shows weak corporate governance or risk management, or material adverse information is disclosed," Fitch added.
The situation at First American is the third major cybersecurity incident to hit mortgage and title industries in as many months. In October, cyber criminals infiltrated systems at servicer Mr. Cooper, who