Fidelity National Financial subsidiary says 1.3 million affected by November cyberattack

Jason Macuray
A subsidiary of title insurance giant Fidelity National Financial reported a data breach to state regulators this week after a cyberattack in November

A subsidiary of title insurance giant Fidelity National Financial reported a data breach to state regulators this week after a cyberattack in November.

LoanCare, one of the largest providers of loan subservicing services, told officials in Maine and California that 1,316,938 people had information accessed by hackers who breached Fidelity National Financial — their parent company.

“On or about November 19, 2023, LoanCare, which performs or has performed loan subservicing functions for your mortgage loan servicer, became aware of unauthorized access to certain systems within its parent’s, Fidelity National Financial, Inc. (“FNF”), information technology network,” they said.

“Based on our investigation, we understand that your Name, Address, Social Security Number, and Loan Number may have been obtained by the unauthorized third party.”

The notice adds that Fidelity National Financial notified law enforcement and government agencies of the attack after beginning an investigation and hiring third-party cybersecurity experts.

Although they confirmed that the incident has been contained, they said the hackers were able to exfiltrate the data. Victims are being offered two years of identity protection services from Kroll.

LoanCare was purchased by Fidelity National Financial in 2009 for $16.3 million. The attack on Fidelity National Financial — which snarled hundreds of home purchases last month across the U.S. — was claimed by the AlphV/Blackcat ransomware gang.

Real estate agents, homebuyers and more were left in the lurch for days after the attack because home sales could not be finished. Fidelity National Financial owns dozens of regional title companies like National Title of New York, Chicago Title, Alamo Title and Commonwealth Land Title.

Shortly after that attack, the AlphV gang’s leak site was seized by the FBI and other law enforcement agencies in a disruption operation that allowed them to access more than 900 public/private key pairs controlling AlphV’s darknet website infrastructure.

The Cybersecurity and Infrastructure Security Agency (CISA) said that as of September 2023, the group’s affiliates “have compromised over 1,000 entities — nearly 75 percent of which are in the United States and approximately 250 outside the United States — demanded over $500 million, and received nearly $300 million in ransom payments.”

The attack on Fidelity National Financial was part of a larger run of attacks on critical financial institutions by ransomware gangs this fall. Last week, One of the largest mortgage loan servicers in the U.S. said the information of nearly 14.7 million people was leaked during a previously reported cyberattack in October.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Australian healthcare provider St. Vincent’s has data stolen during cyberattack

Next Post

Entertainment giant National Amusements says more than 82,000 affected by cyberattack

Related Posts

New ‘VietCredCare’ Stealer Targeting Facebook Advertisers in Vietnam

Facebook advertisers in Vietnam are the target of a previously unknown information stealer dubbed VietCredCare at least since August 2022. The malware is “notable for its ability to automatically filter out Facebook session cookies and credentials stolen from compromised devices, and assess whether these accounts manage business profiles and if they maintain a positive Meta ad credit
Omega Balla
Read More

EC’s use of Microsoft 365 violates data-privacy rules, watchdog group says

The European Commission (EC) has violated several key data protection rules in its use of Microsoft 365 regarding the transfer of people's personal data from Europe to other regions not covered by EU data-protection laws, a key European privacy watchdog found.The European Data Protection Supervisor (EDPS) on Tuesday chastized the EC after finding it did not take proper protective measures when sending personal data outside the EU and European Economic Area (EEA) when using the cloud-based app.To read this article in full, please click here
Read More