FNF Data Breach Impacts 1.3 Million Individuals


LoanCare, a prominent mortgage servicing firm, is reaching out to over 1 million individuals to inform them of a recent data breach on its parent company. The notification regarding the data breach at Fidelity National Financial (FNF), the parent company, mentioned that this incident had affected the company’s operations. 

The FNF data breach occurred as a result of a cyberattack on FNF’s internal systems, according to a notification letter sent by LoanCare to the affected individuals. A copy of this letter has been submitted to the Maine Attorney General’s Office.

FNF Data Breach, and LoanCare Notifications

As a subsidiary of FNF, LoanCare specializes in providing loan sub servicing for mortgage loaners, which includes banks, credit unions, and mortgage firms. FNF publicly disclosed the cyberattack in late November through a Form 8-K filing with the US Securities and Exchange Commission. The FNF data breach notice revealed that the intrusion happened on November 19.

The breach led to business disruptions that prompted containment measures, including the blocking of access to certain systems. The incident was successfully contained by November 26, 2023, and FNF is now working to restore normal business operations while collaborating with its customers.

In the notification letter, LoanCare disclosed that the attackers successfully exfiltrated data from FNF’s systems, compromising personal information such as names, addresses, Social Security numbers, and loan numbers.

In November, LoanCare experienced a cyberattack, following the October 2023 breach of Mr. Cooper, another mortgage provider, affecting nearly 14.7 million individuals.

In response to the incident, FNF initiated an investigation with the support of third-party experts, notified relevant law enforcement and governmental authorities, and took measures to assess and contain the situation, as stated by LoanCare.

Who is Responsible for the FNF Data Breach?

Despite the cyberattack on FNF, LoanCare emphasizes that there is currently no evidence indicating fraudulent use of the stolen personal information. Nevertheless, as a precautionary measure, the company is offering free identity monitoring services to those affected by the breach.

LoanCare has reported to the Maine Attorney General’s Office that over 1.3 million individuals have been impacted by the data breach. Notably, the cybercriminal group BlackCat/Alphv is believed to be behind the attack. This notorious ransomware group previously claimed responsibility for the cyberattack on FNF. 

As investigations unfold, the affected individuals are urged to remain vigilant and take advantage of the identity monitoring services provided by LoanCare to safeguard against potential misuse of their personal information.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.





Source link