LoanCare suffered a data breach last month, which resulted in the theft of sensitive customer data, the insurance company confirmed.
About 1.3 million people were affected by the breach, the company further explained, as hackers stole people's full names, physical addresses, Social Security Numbers (SSN), and loan numbers.
This information can be used in all kinds of cyber attacks, from phishing to identity theft and wire fraud. Users are advised to be wary of incoming emails, phone calls, or other forms of communication claiming to be calling from LoanCare.
Was it ransomware?
In a notification letter to affected individuals, Loancare revealed that the breach is related to the cyber incident that occurred with its parent company, Fidelity National Financial, in mid-November 2023.
“On or about November 19, 2023, LoanCare, LLC (“LoanCare”), which performs or has performed loan servicing functions for your mortgage loan servicer, became aware of unauthorized access to certain systems within its parent company, Fidelity National Financial, Inc. (“FNF”), Information Technology Network,” the company said in the letter.
To help protect its customers, LoanCare offered a two-year identity monitoring service through Kroll. It has also notified the relevant authorities and engaged external experts to analyze the breach and secure the infrastructure.
In late November, news broke that Fortune 500 company Fidelity National Financial suffered a cyberattack that forced it to take many of its services offline. The company did not specifically state that the incident was a ransomware attack, but the way it responded suggested that this could be the case.
The company has filed a report with the U.S. Securities and Exchange Commission (SEC), stating that FNF has discovered a security incident that “affected certain FNF systems.” The company responded by notifying police, investigating the matter, engaging “leading experts” and implementing “certain containment measures.” Some measures, such as blocking access to different parts of the system, resulted in business interruptions.
Through BleepingComputer