Following the cybersecurity incident on December 20, First American, the second-largest title insurer in the country, and a few of its subsidiaries are still unavailable as of Wednesday morning. For homebuyers and sellers using the company’s title services in more than 2,000 locations, the systems outage has disrupted closings over the holidays across the nation.
The incident was reported by First American at midday on Thursday. It informed customers on Friday that it had taken its email system offline and advised them to be cautious when opening attachments from Firstam.com.
Furthermore, in a document submitted to the Securities and Exchange Commission last Friday, the title company said that while it was “working diligently” to bring the systems it had taken offline back online, it was unable to predict “the duration or extent of the disruption at this time.”
Through a newly designed website, the company has been disseminating updates. Since last Friday, no additional filings or updates have been made public.
Requests for clarification regarding the cybersecurity incident have been made in response to the company’s LinkedIn announcement by appraisers, sellers, and homebuyers. “We wired in full payment for a home that was supposed to close last week,” a buyer remarked. We are currently unable to access our funds, and we will likely miss our closing date. A home seller mentioned in a different comment that they had been waiting six days for payment.
Under the First American Financial umbrella are approximately two dozen subsidiaries in addition to First American Title Insurance and First American Title Guaranty. The websites for ACI, a subsidiary that provides valuation technology, and DataTrace were still down as of Wednesday morning. Nonetheless, ServiceMac, the mortgage servicing division of First American, has reopened for business after being unavailable through Tuesday afternoon.
The May 2019 cybersecurity incident, for which First American was recently asked to pay $1 million to the New York Department of Financial Services (DFS) as part of a cybersecurity violation settlement, has nothing to do with the most recent cybersecurity attack at the company.
Not all title companies have experienced a cyberattack in the last few months, including First American. Fidelity National Financial experienced a ransomware attack in late November that caused its systems to go down for a few days. The attack was later attributed to the ransomware gang AlphV/BlackCat. Loancare, an FNF subsidiary and mortgage sub servicer, notified authorities on Tuesday that, as a result of the cybersecurity attack in November, the data of approximately 1.3 million customers was compromised.
Systems at First American are affected by a cyberattack
A cyberattack has resulted in the disruption of certain IT systems at First American Financial Corporation, a significant title insurance provider in the United States.
First American, which just last month agreed to settle for $1 million for violations of the New York Department of Financial Services Cybersecurity Regulation related to a data breach in 2019, says that efforts are in progress to resume regular operations.
This disclosure follows almost a month after Fidelity National Financial, a fellow American title insurance company, acknowledged that the ALPHV/BlackCat ransomware operation had disrupted its operations.
FNF, which also disclosed the compromise of some credentials, stated, “We took containment measures such as blocking access to certain of our systems resulting in varying levels of disruption to our businesses.”, stated FNF, which also disclosed that some credentials had been compromised but has since reported that normal business operations have resumed in the wake of the incident.