Fidelity National Financial (FNF) has claimed that the data of its 1.3 million customers have been stolen by hackers. The cyberattack that targeted FNF took its website off the internet for 7 days.
The official communique released by FNF said that their servers had been attacked by a malevolent cyber attack group, who stole valuable data regarding the customers.
The nature of the stolen data has not yet been publicized by the real estate firm. The attack temporarily disrupted the activities of the firm, making them unable to provide services to the customers for a whole week.
Fidelity National Financial is a provider of title insurance and settlement services to the real estate and mortgage industries. It has been listed as a Fortune 500 company in the Forbes annual list. The Florida-based company has generated over $8 billion in annual revenue in the year 2019.
Poised to become one of the largest real estate firms in America, the recent cyber attack has severely hit the reputation of the firm.
BlackCat, also known as AlphV, has claimed responsibility for the cyber attack on FNF on its dark website. They are a ransomware gang known for the recent social engineering attacks on a famous Las Vegas-based hotel and casino group.
The group gained access to the FNF systems and used malware to extract confidential data of the customers. The modus operandi of the group involves extracting data and holding it for ransom to make huge companies pay them for deleting the data. The group usually threatens to release the data to the public and tarnish a firm’s image.
The FNF spokesperson initially claimed that no demands for ransom were put forward by the group. But BlackCat removed FNF’s name from the list on their site, the same day leading to speculations that the firm has indeed paid a ransom.
The firm also worked in tandem with law enforcement to analyze the possible areas of breaches and assess the impact. Forensic experts have suggested that the hacking could have been done using malware.
Apart from losing their data, the disruption of FNF and its subsidiaries has caused trouble for the customers. They were unable to pay their mortgages and renew their insurance. Many buyers and agents were left in the dark as they could not complete their payments.
All the operations of FNF were moved online and the outage of services has caused confusion and panic among the customers. FNF quickly took action and tried to bring the services back online. It took them 7 days to assess the impact and solve the problems.
It is not the first time a mortgage and insurance firm has been attacked by cyber attack groups. LoanDepot and Mr.Cooper were also recent targets of ransomware attacks. The servers of LoadDepot were taken offline by a surprise ransomware attack.
While LoadDepot said that the data of the customers were not lost, things were not the same for the latter. Mr.Cooper lost the data of 14 million customers on October 31, 2023. Both firms had to spend millions to restore their online operations.
The FNF incident was contained shortly after the attack. The FBI was able to seize the operations of BlackCat aka AlphV. The Cybersecurity and Infrastructure Security Agency (CISA) said that BlackCat has targeted more than 1,250 entities and was paid $300 in ransom.
CISA is continuing its efforts to root out BlackCat and other cyber attack groups from the dark web. The tools used by BlackCat to enter and extort data from NFN were recovered by CISA. A reward of $10 million is also announced for anyone who can identify the gang’s leaders.
The real estate, insurance, and mortgage industries lead on as favorite targets for online cyber attack groups. The websites of these firms are home to very sensitive information about the customers like personal and financial details.
Most of the mortgage and insurance firms have moved their operation online for ease of use to customers. This leads to customers entering their information online, where they need to be stored securely. Most cyber attack groups have state-of-the-art software and programs to extract data from such online portals. The increasing number of cyber-attacks should prompt such firms to provide high-end security to their customers’ data against cyber attacks.
