Mortgage servicing company LoanCare is warning 1,316,938 borrowers across the U.S. that their sensitive information was exposed in a data breach at its parent company, Fidelity National Financial.
LoanCare is a sub-servicing and interim sub-servicing provider and a significant player in the mortgage servicing sector, handling approximately $390 billion in balances from 1.2 million loans.
Last week, its parent company, Fidelity National Financial, a prominent title insurance provider in the United States, disclosed a cyberattack in an SEC filing.
Following this disclosure, LoanCare posted a notice about the incident on its website and informed the authorities of the incident while also sharing a sample of the notice sent to impacted individuals.
“On or about November 19, 2023, LoanCare, LLC (“LoanCare”), which performs or has performed loan subservicing functions for your mortgage loan servicer, became aware of unauthorized access to certain systems within its parent’s, Fidelity National Financial, Inc. (“FNF”), information technology network,” reads the LoanCare data breach notice.
The investigation, aided by third-party experts and specialized state departments, revealed that the attackers managed to steal data, including customer details, from Fidelity National Financial’s systems.
The information that has been compromised includes:
- Full name
- Physical address
- Social Security Number (SSN)
- Loan number
The above data can be used for targeted phishing, social engineering, and scamming attacks, so recipients of the data breach notification are urged to remain vigilant against unsolicited communications.
Moreover, LoanCare has enclosed instructions on enrolling in a two-year identity monitoring service through Kroll to mitigate the risk for exposed individuals further.
Last week, title insurance giant First American Financial Corporation also disclosed it suffered a cyberattack that impacted its systems.
The disruption caused by the cyberattack on First American continues as system restoration is underway, and there are currently no estimates on when the company will return to normal operations.
As of the time of writing this, the company hasn’t provided any updates on whether customer data has been exposed due to the incident.