Real estate services giant Fidelity National Financial has confirmed that a cyberattack in November resulted in the theft of data belonging to 1.3 million of its customers. The attack caused a week-long outage and customers were unable to access services or make payments.
In a filing to federal regulators on Tuesday, FNF stated, “We determined that an unauthorized third-party accessed certain FNF systems, deployed a type of malware that is not self-propagating, and exfiltrated certain data.” The company has since notified affected customers, state attorneys general, and regulators, reaching approximately 1.3 million individuals.
The specific data that was stolen from customers was not disclosed in the filing. However, the company is offering credit monitoring and identity theft services to those affected, suggesting that the information may have contained personal or sensitive data.
FNF spokesperson Lisa Foxworthy-Parker did not respond to an email from TechCrunch requesting further details.
FNF revealed that the cyberattack, which was finally contained on November 26, caused major disruptions to the company and its subsidiaries. Customers were unable to pay mortgages and one subsidiary referred to it as a “catastrophe” in an automated message to clients.
The ransomware gang known as ALPHV (or BlackCat) claimed responsibility for the FNF cyberattack in a post on its dark web leak site, which it uses to extort victims into paying the hackers to remove and delete the data. ALPHV subsequently removed FNF from its site. Ransomware and extortion gangs sometimes remove a victim’s information when they pay the ransom.
FNF was one of several companies in the mortgage and loan industry targeted by cyberattacks in recent weeks. This includes LoanDepot and Mr. Cooper.