Real estate services giant Fidelity National Financial has confirmed that hackers stole data from 1.3 million of its customers during a November cyberattack that knocked the company offline for a week.
said the FNF in a filing Tuesday with federal regulators: “We found that an unauthorized third party accessed some FNF systems, developed a type of non-self-propagating malware, and leaked some data.” The company said it “has notified its affected customers and applicable attorneys general and regulators, as well as approximately 1.3 million potentially affected consumers.”
The filing did not say what specific customer data was stolen, but said that FNF provides credit monitoring and identity theft services to affected customers, suggesting that the stolen customer information was personal or sensitive.
FNF spokeswoman Lisa Foxworthy-Parker did not respond to TechCrunch’s email seeking further details.
FNF said it had “contained” the cyber attack on November 26 after a week-long outage that effectively froze the entire company and many of its affiliates’ operations. Customers were unable to pay their mortgages. One of FNF’s subsidiaries described the incident as a “disaster” in an automated message to customers.
The ransomware gang known as ALPHV (or BlackCat) claimed responsibility for the FNF cyberattack in a post on the dark web leak site, which it uses to blackmail victims into paying hackers to remove and delete data. ALPHV subsequently removed FNF from its website. Ransomware and extortion gangs sometimes remove a victim’s information when paying the ransom.
FNF was one of several corporate victims of cyberattacks in recent weeks targeting the mortgage and loan industry, including LoanDepot and Mr. Cooper.
