DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Fidelity National Financial ransomware incident impacts real estate closings

Posted on November 24, 2023 by Dissent

Fidelity National Financial (FNF) is the nation’s largest group of title companies and underwriters in the country. They claim that collectively, they issue more title insurance policies than any other firm in the United States.

On Wednesday, while many Americans were getting ready for Thanksgiving, AlphV (BlackCat) threat actors announced that they had attacked FNF. They appear to blame Mandiant for FNF not paying their extortion demand:

Hiring Mandiant has the following effects. You end up ruined. They had a good reputation ten years ago. Everyone is aware that they fell, so let’s just be kind to them now. We expect a blog post in retaliation, don’t stub your fingers, warriors.

Their IT department and Mandiant determine that sitting still is the best course of action while we screw them. 30 people in teams call at 3 am America time and still lost.

Before disclosing whether or whether we have collected any data, we will allow FNF further time to get in touch. Wouldn’t want to disclose every card at this early stage.

I implore FNF investors to talk some reason into these executives who are gullible enough to fall for Mandiant’s disinformation. Better threat intelligence may be obtained from my deceased mother than from Kevin Mandia’s (sellout) firm. Your bum must be bruised from all that riding on Microsoft as a Google company.

There is nothing on FNF’s website that indicates any data breach or problem, and AlphV has posted no proof of claims, but FNF shut down many of their online services and filed a report with the Securities and Exchange Commission (SEC) that confirms they were aware of access to certain systems and were investigating:

Fidelity National Financial, Inc. (“FNF” or the “Company”) recently became aware of a cybersecurity incident that impacted certain FNF systems. FNF promptly commenced an investigation, retained leading experts to assist the Company, notified law enforcement authorities, and implemented certain measures to assess and contain the incident. Among other containment measures, we blocked access to certain of our systems, which resulted in disruptions to our business. For example, the services we provide related to title insurance, escrow and other title-related services, mortgage transaction services, and technology to the real estate and mortgage industries, have been affected by these measures. Our majority-owned subsidiary, F&G Annuities & Life, a leading provider of insurance solutions, was not impacted by the incident.
Based on our investigation to date, FNF has determined that an unauthorized third party accessed certain FNF systems and acquired certain credentials. The investigation remains ongoing at this time.
FNF will continue to assess the impact of the incident and whether the incident may have a material impact on the Company.
We are working diligently to address the incident and to restore normal operations as quickly and safely as possible.

Commenting on the situation, Kevin Beaumont wrote that the ransomware incident is causing problems across the US housing market because FNF owns “a ton of downstream companies, eg Chicago Title, and they’re also offline.”  Beaumont points to Dataconomy  for a report on the impact the incident has already had this week:

Real Estate News highlighted the immediate consequences of the Fidelity National Financial data breach breach, revealing that numerous real estate closings were abruptly halted. This disruption left agents and homebuyers in a state of urgency, seeking alternative ways to finalize their transactions, which were reportedly not expected to resume until Sunday.

[…]

San Francisco broker Kate Fomina of Crypton Realty conveyed to Real Estate News the challenges her clients are facing due to this delay. They were expecting to close on Wednesday, but Fomina received a call from the escrow company, Chicago Title. “They told me there was a security breach and because of that they have to shut down the whole system, all over the country,” she explained. “The closing system is down at least until Sunday. They can’t send any wires, can’t release for recording.”

Category: Financial SectorMalwareOf NoteU.S.

Post navigation

← Implications of “malware free” attacks on SMBs
“They are tired of him, but they are afraid”: what is known about the leader of the hacker group Killnet →

2 thoughts on “Fidelity National Financial ransomware incident impacts real estate closings”

  1. Thomas West says:
    November 24, 2023 at 1:08 pm

    Fidelity has been HACKED
    IF YOU HAVE ANY FUNDS WITH THEM BE ON ALERT

  2. Montie Daniels says:
    November 25, 2023 at 6:28 pm

    We closed hours before this happened now we have had our funds placed on hold and has caused so many problems we are already a month behind on closing because of the requirements that they expected of us to be able to sell the house and now this is added another week almost on us getting paid. I hope they get their system straight quick.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • International cybercrime tackled: Amsterdam police and FBI dismantle proxy service Anyproxy
  • Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency
  • N.W.T.’s medical record system under the microscope after 2 reported cases of snooping
  • Department of Justice says Berkeley Research Group data breach may have exposed information on diocesan sex abuse survivors
  • Masimo Manufacturing Facilities Hit by Cyberattack
  • Education giant Pearson hit by cyberattack exposing customer data
  • Star Health hacker claims sending bullets, threats to top executives: Reports
  • Nova Scotia Power hit by cyberattack, critical infrastructure targeted, no outages reported
  • Georgia hospital defeats data-tracking lawsuit
  • 60K BTC Wallets Tied to LockBit Ransomware Gang Leaked

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • FTC dismisses privacy concerns in Google breakup
  • ARC sells airline ticket records to ICE and others
  • Clothing Retailer, Todd Snyder, Inc., Settles CPPA Allegations Regarding California Consumer Privacy Act Violations
  • US Customs and Border Protection Plans to Photograph Everyone Exiting the US by Car
  • Google agrees to pay Texas $1.4 billion data privacy settlement
  • The App Store Freedom Act Compromises User Privacy To Punish Big Tech
  • Florida bill requiring encryption backdoors for social media accounts has failed

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.