Hackers Stole Data of 1.3 Million Financial National Fidelity Users

Hackers stole data from more than 1.3 million Fidelity National Financial customers when the giant real estate services firm was hit with a ransomware attack in November 2023 that shut down the company's operations for a week.
The company wrote that it completed its investigation of the attack December 13 but didn't give much detail in the SEC filing about the nature of the breach, what kind of information was stolen, though it did say it is providing 24 months of credit and web monitoring and identity theft restoration services from financial advisory firm Kroll to those effected.
In a notice with the state of Maine, LoanCare - a company bought by FNF in 2009 that services mortgage loans for banks and other financial services organizations - said that Social Security numbers were taken by the attackers.
FNF executives in the SEC filing said they are still working with law enforcement, customers, and regulators and that the cyberattack shouldn't have a material impact on its operations.
The company, which has almost 29,000 employees, said it discovered an intrusion into some of its system November 19 and that it finally contained the incident November 26.
The last evidence of hacker activity in its systems was November 20.
After detecting the unauthorized activity, the FNF kicked off an investigation and brought in outside cybersecurity experts for help.
Executives also notified law enforcement and regulatory agencies.
The company blocked access to certain systems, which they said disrupted some operations.
There were reports of people and companies unable to complete transactions, such as mortgage payments and house purchases, during the time those systems were down.
The high-profile ransomware group BlackCat - or ALPHV - claimed responsibility for the attack and listed FNF on its dark web data leak site, though the company has since been removed in a possible sign that a ransom had been paid.
The Russia-linked group has been among the most active ransomware-as-a-service gangs in recent years.
According to the Justice Department, BlackCat has claimed more than 1,000 victims, including financial services firms as well as schools and healthcare organizations, and collecting hundreds of millions in paid ransoms.
In late December, the DOJ and FBI said it took down the RaaS group's online operations and created a decryptor tool that could help more than 500 victims reclaim their encrypted files.
The financial services industry continues to be an attractive target for ransomware and other threat groups.
According to a report by cybersecurity firm Sophos in July 2023, the number of ransomware attacks in the sector has jumped in recent years, from 34% of financial services organizations surveyed in 2021 falling victim to 64% last year, thanks in part to the widespread hack of a vulnerability in Progress Software's MOVEit file transfer tool by the Cl0p ransomware operation starting in May 2023.
As of this week, 2,730 organizations and more than 94.2 million people were affected by breaches using the MOVEit tool, according to cybersecurity firm Emsisoft.
Other financial services firms that have been hit with recent data breaches include mortgage lender loanDepot, which this month in a SEC filing disclosed a ransomware attack in which the bad actors accessed some systems and encrypted data.
Another mortgage firm, Mr Cooper, said in a filing with the state of Maine last month that a security breach in October 2023 that the private information of almost 14.7 million people - such as addresses, Social Security numbers, and bank account numbers - was stolen.


This Cyber News was published on securityboulevard.com. Publication date: Thu, 11 Jan 2024 17:43:04 +0000


Cyber News related to Hackers Stole Data of 1.3 Million Financial National Fidelity Users

Fidelity National Financial subsidiary says 1.3 million affected by November cyberattack - A subsidiary of title insurance giant Fidelity National Financial reported a data breach to state regulators this week after a cyberattack in November. LoanCare, one of the largest providers of loan subservicing services, told officials in Maine and ...
11 months ago Therecord.media
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
2 months ago Aws.amazon.com
Fidelity National Financial: Hackers stole data of 1.3 million people - Fidelity National Financial has confirmed that a November cyberattack has exposed the data of 1.3 million customers. FNF is an American title insurance and transaction services provider for the real estate and mortgage industries. It is one of the ...
11 months ago Bleepingcomputer.com
X Value Down By 79 Percent Since Elon Musk | Silicon UK - CNN, citing estimates from investment giant Fidelity, reported that X is now worth almost 80 percent less than two years ago when Elon Musk finally concluded his controversial acquisition in late October 2022. That is down from the $19.66 million the ...
2 months ago Silicon.co.uk
Hackers Stole Data of 1.3 Million Financial National Fidelity Users - Hackers stole data from more than 1.3 million Fidelity National Financial customers when the giant real estate services firm was hit with a ransomware attack in November 2023 that shut down the company's operations for a week. The company wrote that ...
11 months ago Securityboulevard.com
Fidelity Faces Second Data Breach Linked to Third-Party Provider: Infosys McCamish - Fidelity Investments Life Insurance Company faces another data breach challenge as it discloses a breach affecting a significant number of individuals. The breach, linked to third-party service provider Infosys McCamish, heightens worries over data ...
9 months ago Cysecurity.news
ALPHV ransomware claims loanDepot, Prudential Financial breaches - The ALPHV/Blackcat ransomware gang has claimed responsibility for the recent network breaches of Fortune 500 company Prudential Financial and mortgage lender loanDepot. The two companies were added to ALPHV's dark web leak site today, with the threat ...
10 months ago Bleepingcomputer.com
Mortgage firm LoanCare warns 1.3 million people of data breach - Mortgage servicing company LoanCare is warning 1,316,938 borrowers across the U.S. that their sensitive information was exposed in a data breach at its parent company, Fidelity National Financial. LoanCare is a sub-servicing and interim sub-servicing ...
11 months ago Bleepingcomputer.com
A Comprehensive Look at the Financial Firms in European Union and Their Rules on Cloud-Based Services - Today's technology has opened up a world of possibilities for financial firms, especially with cloud-based services. Financial institutions are now able to access a great deal of information over the internet in an efficient and timely manner. ...
1 year ago Tripwire.com
FTC orders Blackbaud to boost security after massive data breach - Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people. Blackbaud is a U.S.-based ...
10 months ago Bleepingcomputer.com
Fidelity National says 1.3M customers' data stolen last year The Register - Fidelity National Financial now says criminals got hold of data belonging to 1.3 million customers after breaking into its IT network in November. At the time, the corporation said the digital break-in forced it to shut down some IT systems and ...
11 months ago Go.theregister.com
Data Breach Impacts LoanCare Customers - Over 1.3 million customers across the U.S. are being alerted by mortgage servicing company LoanCare that a data breach at its parent company, Fidelity National Financial, may have compromised their private information. With 1.2 million loans and $390 ...
11 months ago Heimdalsecurity.com
A Plan to Protect Critical Infrastructure from 21st Century Threats - On April 30th, the White House released National Security Memorandum-22 on Critical Infrastructure Security and Resilience, which updates national policy on how the U.S. government protects and secures critical infrastructure from cyber and ...
6 months ago Cisa.gov
US offers up to $15 million for tips on ALPHV ransomware gang - The U.S. State Department is offering rewards of up to $10 million for information that could lead to the identification or location of ALPHV/Blackcat ransomware gang leaders. An additional $5 million bounty is also available for tips on individuals ...
10 months ago Bleepingcomputer.com
T-Mobile pays $31.5 million FCC settlement over 4 data breaches - "With companies like T-Mobile and other telecom service providers operating in a space where national security and consumer protection interests overlap, we are focused on ensuring critical technical changes are made to telecommunications networks to ...
2 months ago Bleepingcomputer.com
Hackers Stole Cryptocurrency Worth $2 Billion in Year 2023 - As per crypto security firms, this was the first time since 2020, that the trend has been declining. Based on dozens of cyberattacks and thefts this year, hackers stole over $2 billion in cryptocurrency, according to De.FI, the web3 security company ...
11 months ago Cysecurity.news
Entertainment giant National Amusements says more than 82,000 affected by cyberattack - National Amusements - which controls a sprawling empire of popular entertainment and news brands - announced a data breach last week that affected more than 82,000 people. An investigation found that the hackers had access to files on the company's ...
11 months ago Therecord.media
US govt probes if ransomware gang stole Change Healthcare data - The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group subsidiary Optum, which operates the Change Healthcare platform, in late ...
9 months ago Bleepingcomputer.com
23andMe confirms nearly 7 million customers affected in data leak - Nearly 7 million 23andMe customers had their profile data leaked in a cybersecurity incident in October, a company spokesperson confirmed to SC Media on Monday. The vast majority of the leaked data was scraped from the site's DNA Relatives feature ...
1 year ago Packetstormsecurity.com
North Korea's state hackers stole $3 billion in crypto since 2017 - North Korean-backed state hackers have stolen an estimated $3 billion in a long string of hacks targeting the cryptocurrency industry over the last six years since January 2017. Kimsuky, Lazarus Group, Andariel, and other North Korean hacking groups ...
1 year ago Bleepingcomputer.com
First American becomes latest real estate industry giant hit with cyberattack - Title insurance company First American confirmed Thursday that it is dealing with a cyberattack. First American provides title insurance and settlement services for real estate companies and mortgage providers. It reported revenues of $7.6 billion in ...
11 months ago Therecord.media
Microsoft: BlueNoroff hackers plan new crypto-theft attacks - Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn. This financially motivated threat group also has a documented history of cryptocurrency ...
1 year ago Bleepingcomputer.com
China's MIIT Proposes Color-coded Contingency Plan for Security Incidents - On Friday, China proposed a four-tier classification system, in an effort to address data security incidents, underscoring concerns of Beijing in regards to the widespread data leaks and hacking incidents in the country. This emergency plan comes ...
1 year ago Cysecurity.news
$22 Million Wake-up Call to Improve Security - A former Jacksonville Jaguars staff member is facing the possibility of a 30-year prison sentence after admitting guilt to financial crimes, including embezzling over $22 million from the NFL team. Insufficient Internal Controls: In many cases, a ...
11 months ago Securityboulevard.com
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
11 months ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)