Dive Brief:
- About 1.3 million Fidelity National Financial customers were potentially impacted by a November cyberattack, the company said Tuesday in an amended 8-K filing with the Securities and Exchange Commission.
- An unauthorized third-party gained access to the title insurance provider’s systems, deployed malware that is not self-propagating and stole company data, Fidelity National Financial said after it completed an internal investigation Dec. 13.
- Several lawsuits have been filed against the Jacksonville, Florida-based firm.The company said it does not currently expect the attack to have a material impact on its business.
Dive Insight:
The Fidelity attack is one of several high-profile cyber intrusions against the real estate and financial services industries in recent months.
Mr. Cooper, First American Financial and loanDepot, have all been targeted in significant attacks since October.
Under the new SEC incident reporting rules, companies have four business days from determination of materiality to file a disclosure on form 8-K.
Fidelity National Financial first became aware of the attack on Nov. 19, according to the filing. The company blocked access to its systems, brought in forensic experts and notified law enforcement as part of its incident response plan.
The response led to various operational disruptions, including the previously disclosed delay of customer transactions.
The company said there is no evidence that any customer-owned system has been directly impacted, and no customers have reported such occurrences to Fidelity.
The company did not detail exactly how the hackers gained access to Fidelity’s systems.
A spokesperson for the company was not immediately available for comment.
