Fidelity National Financial has revealed that around 1.3 million customers' data may have been exposed during a ransomware attack it suffered in 2023.
The firm, which provides title insurance services to the real estate and mortgage industries, notified the Securities and Exchange Commission of the number of potentially impacted consumers in an updated filing on January 9, 2024.
The incident was first disclosed in November 2023, and forced FNF to take down certain systems, resulting in disruption to its business operations.
The ALPHV/BlackCat ransomware group subsequently claimed responsibility for the attack, announcing FNF's inclusion on their leak site.
The updated filing appeared to confirm the incident was a ransomware attack.
FNF said it has notified approximately 1.3 million potentially impacted consumers, and is providing them with credit monitoring, web monitoring and identity theft restoration services.
It is also continuing to coordinate with law enforcement, regulators and other stakeholders.
There is no evidence any customer-owned system was directly impacted in the incident, nor has it received any customer reports that this has occurred, the company said.
FNF successfully contained the incident on November 26, 2023, and full services have been restored.
The last confirmed date of unauthorized third-party activity in its network was November 20, 2023.
Details relating to how the attackers gained initial access into the firm's systems and the nature of the personal data that was exposed were not provided.
Earlier this week, retail mortgage lender LoanDepot revealed it had suffered a significant ransomware breach, leading to issues processing customers mortgage payments.
This Cyber News was published on www.infosecurity-magazine.com. Publication date: Thu, 11 Jan 2024 14:00:47 +0000