In the Fidelity National Financial attack, hackers stole data from more than a million customers
The recent cyber attack against Fidelity National Financial has been confirmed as a ransomware attack, with the company now confirming that sensitive customer data was compromised during the incident.
The company filed a report with the Securities and Exchange Commission (SEC), providing more details about the attack.
“We have determined that an unauthorized third party has gained access to certain FNF systems, deployed a type of malware that does not self-propagate, and exfiltrated certain data,” the filing said, adding that it “has been affected had notified customers and applicable authorities.” attorneys general and regulators, and approximately 1.3 million may impact consumers.”
BlackCat strikes again
The filing did not provide details on the type of data stolen in the attack, but TechCrunch noted that FNF said it will provide credit monitoring and identity theft services to affected customers, concluding that the data was likely sensitive in nature.
News first broke that the Fortune 500 company suffered a cyberattack in November 2023, forcing it to take many of its services offline.
“For example, the services we provide related to title insurance, escrow and other title-related services, mortgage transaction services and technology for the real estate and mortgage industries have been affected by these measures,” the company said at the time. “Our subsidiary, F&G Annuities & Life, a leading provider of insurance solutions, was not affected by the incident.”
Shortly afterwards, the operators of the ALPHV ransomware (also known as BlackCat) took responsibility for the attack and posted about it on a dark web leak site. The submission was subsequently deleted, TechCrunch reports, indicating that the company either paid for the decryptor or at least tried to negotiate.
Fidelity National Financial is one of several major companies to suffer a ransomware attack in recent weeks. In addition, mortgage and lending giants LoanDepot, LoanCare and Mr. Cooper all suffered similar incidents.