First American Financial Corporation, the second-largest title insurance company in the United States, revealed Tuesday that a December cyberattack led to a breach impacting 44,000 individuals.
Founded in 1889, it provides financial and settlement services to real estate professionals, home buyers, and sellers involved in residential and commercial property transactions. The California-based company has over 21,000 employees and reported a total revenue of $6 billion last year.
As the financial services company shared in a statement published on December 21 providing very few details regarding the nature of the incident, First American was forced to take some of its systems offline today to contain the impact of a cyberattack.
Five months later, on May 28, the title insurance provider disclosed in a filing with the U.S. Securities and Exchange Commission (SEC) that an investigation into the incident found the attackers gained access to some of its systems and were able to access sensitive data.
“As of the date of this filing, the Company’s investigation of the incident has concluded. Based upon our investigation and findings, the Company has determined that personal information pertaining to approximately 44,000 individuals may have been accessed without authorization as a result of the incident,” First American said.
“The Company will provide appropriate notifications to potentially affected individuals and offer those individuals credit monitoring and identity protection services at no cost to them.”
Breached one month after settling a 2019 hack
On November 28, the company also agreed to pay a $1 million penalty to New York State for violating its cybersecurity regulations after exposing personal and financial data in a May 2019 security breach.
“As the nation’s second-largest title insurance company, First American collects the personal and financial data of hundreds of thousands of individuals annually on title-related documents and stores that information in its proprietary EaglePro application,” New York’s DFS said.
“In May 2019, First American senior management learned of a vulnerability in the application whereby any individual in possession of the link used to access EaglePro could access not only their own documents without authentication, but also those of individuals in unrelated transactions.”
Another American title insurance provider, Fidelity National Financial, was also hit by a “cybersecurity incident” in November. The company also had to take down some of its systems to contain the attack, leading to varying levels of disruption to its business operations.
In January, the company confirmed in an SEC filing that the attackers stole the data of roughly 1.3 million customers using “a type of malware that is not self-propagating.”