Fidelity National Financial now says criminals got hold of data belonging to 1.3 million customers after breaking into its IT network in November.
At the time, the corporation said the digital break-in forced it to shut down some IT systems and disrupted some of its title and mortgage-related services.
Ransomware gang ALPHV/BlackCat claimed responsibility for the attack shortly after, though the crew revealed few details about what data they allegedly stole.
This was before law enforcement seized the gang's dark-web site in December.
FNF also has yet to describe the incident as a ransomware infection, and did not respond to The Register's inquiries about the nature of the cybersecurity incident.
In an amended 8-K report filed on Tuesday, FNF provided additional details about the intrusion that it said were based on the findings of its forensic investigation, which was completed on December 13.
FNF also said it notified about 1.3 million customers whose data was stolen, and will provide credit monitoring and identity services to those affected.
By that, it may think it can absorb any financial hit from the cyberattack.
Another mortgage lender, Mr Cooper, last month said it expects to spend at least $25 million cleaning up its earlier security breach, which saw almost 14.7 million people's data stolen.
FNF's 2022 annual profit was over a billion dollars, and has crossed $500 million in its financial year to date; it can probably take the hit.
The loan giant in a subsequent SEC filing provided additional details about the security snafu, which sounds like ransomware.
This Cyber News was published on go.theregister.com. Publication date: Wed, 10 Jan 2024 23:43:07 +0000