Hackers accessed data of 1.3M customers in Fidelity cyberattack

cyberattack

Mortgage subservicer Loancare informed authorities that the data of about 1.3 million customers was compromised following a cyberattack in November on its parent company, the big four title firm Fidelity National Financial (FNF). This data includes customers’ social security numbers.

The company informed officials in Maine and California that 1,316,938 customers had information accessed by hackers during the incident. However, it stated the firm has “not identified any fraudulent use of your personal information as a result of this incident.”

“Based on our investigation, we understand that your name, address, social security number, and loan number may have been obtained by the unauthorized third party,” the document states.

On Nov. 19, FNF said it suffered a “cybersecurity incident” that led the system to shut down some of its networks, causing disruptions to its title insurance, escrow and other title-related services, as well as mortgage transactions.

The infamous ransomware gang AlphV/BlackCat claimed to be behind the attack. In an online post, the gang wrote that Fidelity was “ruined” for hiring incident responders, allegedly from Google‘s Mandiant unit.

FNF notified law enforcement authorities and implemented certain measures to assess and contain the incident. The firm said the incident was contained after about one week.

However, the company became the target of a class action lawsuit alleging that they were negligent with customer data and that they breached their contract. The suit was filed by Teneika Tillis, a Loancare servicing client, in the U.S. District Court for Central California.

Tillis said she filed the suit “upon information and belief” that her personal identifiable information had been compromised in the attack.

Per the documents filed in Maine and California, the companies have secured Kroll‘s services to provide identity monitoring services at no cost to customers for 24 months.

Other companies that were also the target of cyberattacks over the last few months include Mr. Cooper and First American.

ENB
Sandstone Group