November 2023 Data Breach Leaves 1.3 Million FNF Customers Vulnerable

Fidelity National Financial (FNF) confirmed around 1.3 million customers’ information may have been potentially exposed during the November 2023 cyberattack (claimed by AlphV/ Black Cat gang).

The American Fortune 500 company provides title insurance and settlement service to the real estate and mortgage industries.

In a recent amended Securities and Exchange Commission (SEC) filing, it revealed that the attack, first identified on November 19, 2023, was successfully contained in seven days. Nevertheless, the containment efforts forced the firm to temporarily block certain IT systems, resulting in disruption of few business operations.

According to the filing, the company concluded a forensic investigation into the incident around mid-December. The investigation revealed that the ransomware attack involved the use of a non-propagating malware that exfiltrated certain data from its systems. This stolen data is believed to be the sensitive information of nearly 1.3 million customers.

“We determined that an unauthorized third-party accessed certain FNF systems, deployed a type of malware that is not self-propagating, and exfiltrated certain data,” the filing revealed.

Although FNF did not reveal any details of the compromised information, it is known to collect customer names, addresses, credit information, driver’s licenses, and financial account details.

It further went on to clarify that none of the connected customer-owned systems were impacted, nor had it received any customer reports regarding the incident. In addition to securing its network, FNF had also notified the concerned regulatory authorities and customers.

“The Company has notified its affected customers and applicable state attorneys general and regulators, [..]; is providing credit monitoring, web monitoring, and identity theft restoration services; and is fielding questions from consumers.”

It also stated that it does not believe that the incident will have any material impact on any of its businesses, and that it’s a defendant in several lawsuits related to the attack.