How the GSEs view collateral risk — and how lenders should be adjusting
Kevin Sears pulls back the curtain on NAR’s commission lawsuit settlement
AI accelerates lending. For real
Damian Eales on recent commission lawsuits and the role of buyer agents
MortgageTechnology

Hackers accessed data of 1.3M customers in Fidelity cyberattack

Compromised data include customers' social security numbers

Mortgage subservicer Loancare informed authorities that the data of about 1.3 million customers was compromised following a cyberattack in November on its parent company, the big four title firm Fidelity National Financial (FNF). This data includes customers’ social security numbers. 

The company informed officials in Maine and California that 1,316,938 customers had information accessed by hackers during the incident. However, it stated the firm has “not identified any fraudulent use of your personal information as a result of this incident.” 

“Based on our investigation, we understand that your name, address, social security number, and loan number may have been obtained by the unauthorized third party,” the document states.

On Nov. 19, FNF said it suffered a “cybersecurity incident” that led the system to shut down some of its networks, causing disruptions to its title insurance, escrow and other title-related services, as well as mortgage transactions. 

The infamous ransomware gang AlphV/BlackCat claimed to be behind the attack. In an online post, the gang wrote that Fidelity was “ruined” for hiring incident responders, allegedly from Google‘s Mandiant unit.

FNF notified law enforcement authorities and implemented certain measures to assess and contain the incident. The firm said the incident was contained after about one week. 

However, the company became the target of a class action lawsuit alleging that they were negligent with customer data and that they breached their contract. The suit was filed by Teneika Tillis, a Loancare servicing client, in the U.S. District Court for Central California. 

Tillis said she filed the suit “upon information and belief” that her personal identifiable information had been compromised in the attack.

Per the documents filed in Maine and California, the companies have secured Kroll‘s services to provide identity monitoring services at no cost to customers for 24 months. 

Other companies that were also the target of cyberattacks over the last few months include Mr. Cooper and First American

More:

Leave a Reply

Your email address will not be published. Required fields are marked *

Most Popular Articles

Latest Articles

Houses-Individual, Modern 5
Spring housing market gets more inventory 

We’ve now had back-to-back weeks of healthy housing inventory growth, making spring 2024 much healthier than spring 2023.

3d rendering of a row of luxury townhouses along a street

Log In

Forgot Password?

Don't have an account? Please