Fidelity says cybersecurity attack is contained but questions remain
After about a week of chaos at Fidelity National Financial (FNF) due to a cybersecurity attack, the firm said the incident was contained on Sunday, November 26.
In an updated filing with the Securities and Exchange Commission on Thursday, Fidelity disclosed the company became aware of a cybersecurity incident that impacted some of its systems on Sunday Nov. 19.
Fidelity initially notified the public two days after the attack, revealing the firm experienced disruptions to title insurance, escrow and other title-related services, as well as mortgage transactions and technology for the real estate and mortgage industries.
“The company is restoring normal business operations and is coordinating with its customers. The company will continue to assess the impact of the incident and whether the incident may have a material impact on the company,” according to its latest filing on Thursday.
Fidelity did not respond to requests for comments on information about the ongoing investigations and potential compromise of customer data.
Shortly after the incident, ransomware gang AlphV/BlackCat claimed responsibility.
In an online post last week, AlphV/BlackCat blamed Fidelity for allegedly hiring incident responders from Google’s Mandiant unit and threatened to disclose information on data it collected.
Most recently, national lender and servicer Mr. Cooper was under a cybersecurity attack leaving clients unable to access their accounts for more than a week.
While operations have resumed at Mr. Cooper, the incident is estimated to cost the company up to $10 million in additional vendor costs in the fourth quarter.
First American Title Insurance is still dealing with the aftermath of a data breach in 2019.
This week, New York Department of Financial Services (DFS) issued an additional $1 million penalty on First American. The DFS found that First American failed to maintain and implement effective governance and classification and risk assessment policies and procedures.
Vulnerability in its proprietary application that stored consumer data would allow anyone in possession of the link to access documents of individuals involved in unrelated transactions without any identity authentication.
To better secure consumer data, First American also agreed to implement remedial measures.
