First American says funds secure despite cyberattack

Jason Macuray
Title insurance company First American said all funds held at First American Trust and third-party partner banks remain secure

Title insurance company First American said all funds held at First American Trust and third-party partner banks remain secure despite a cyberattack affecting the company’s operations since last week.

The real estate industry giant provided several updates about a cyberattack first announced December 21 in a brief notice posted to a temporary website.

On Wednesday, the company said that despite the “regrettable disruption to normal business operations,” it is still able to process funds “safely and securely.”

“Our bank, First American Trust, continues to accept incoming wires, and all funds at First American Trust and our third-party partner banks remain secure,” they said.

The company also wrote on its temporary website on Friday that its email system has been taken offline, and it warned customers to be wary of emails purporting to be from First American, First American Title or from FirstAm.com.

That notice came after First American filed regulatory documents with the SEC on December 22 notifying the agency of the cyberattack.

The company has not responded to requests for comment about whether the incident is a ransomware attack. The 8-K filing with the SEC said that the company recently identified unauthorized activity on certain systems and has since isolated systems from the internet.

“The Company is working diligently to restore those systems and resume normal operations as soon as possible, but cannot estimate the duration or extent of the disruption at this time,” First American said.

“The Company has retained leading experts, is working with law enforcement and notified certain regulatory authorities. During the disruption, the Company’s primary website may be inaccessible or inoperative.”

In reference to recent regulations instituted by the SEC, First American said it is still “assessing the impact of the incident and whether it may have a material impact on its financial condition and results of operations, which at this point cannot be determined.”

Last week, new rules took effect mandating that companies quickly disclose “material” cybersecurity incidents and share the details of their cybersecurity risk management, strategy and governance with the commission on an annual basis.

Companies have to report issues in 8-K filings within four business days unless the U.S. attorney general determines that disclosure would threaten national security or public safety.

First American is one of the largest providers of title insurance and settlement services for U.S. real estate companies and mortgage issuers.

BriefsCybercrimeIndustry
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

Albanian parliament, telecom company hit by cyberattacks

Next Post

Microsoft disables app installation protocol abused by hackers

Related Posts

OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution

A security analysis of the OvrC cloud platform has uncovered 10 vulnerabilities that could be chained to allow potential attackers to execute code remotely on connected devices. "Attackers successfully exploiting these vulnerabilities can access, control, and disrupt devices supported by OvrC; some of those include smart electrical power supplies, cameras, routers, home automation systems, and
Avatar
Read More