The company recently paid a $1 million penalty to settle violations of the New York Department of Financial Services’ cybersecurity regulation stemming from a May 2019 hack.
First American Financial Corporation, the second largest insurance company in the USA, took some of its systems offline to reduce the effects of the cyber attack it suffered.
“First American has experienced a cyber security incident,” the company said on its website announcing the attack. The official site was also taken offline before the publication of the article. “In response, we have shut down certain systems and are working to return to normal business operations as soon as possible.
“Founded in 1889, First American provides financial services to home buyers and sellers, realtors and others involved in residential and commercial real estate transactions. The California-based title insurance specialist reported $7.6 billion in revenue last year and more than 21,000 employs, Fortune reports On November 28, First American paid a $1 million penalty to settle violations of the New York Department of Financial Services’ cybersecurity regulation stemming from a May 2019 hack.
“First American, as the second largest title insurer in the country, collects the personal and financial data of hundreds of thousands of individuals on title documents every year and stores this information in its proprietary EaglePro application,” said New York’s DFS. “In May 2019, First American’s senior management became aware of a vulnerability in the application that allowed anyone with the link used to access EaglePro to gain unauthenticated access not only to their own documents, but also to the documents of people involved in unrelated transactions.”
Fidelity National Financial, another US insurance provider, made a similar announcement last month, saying its network had been hit by a cyber security breach. “In addition, we have taken restrictive measures, such as blocking access to certain of our systems, which have resulted in various levels of disruption to our business,” the company said in a filing with the US Securities and Exchange Commission.
Fidelity National Financial did not provide further details, but said the incident had been contained as of Nov. 26 and was still working to restore normal business operations. In an earlier announcement, the company revealed that attackers obtained certain credentials after gaining access to some of its systems. Although Fidelity National Financial has yet to name any attackers, the ALPHV/BlackCat ransomware gang claimed responsibility for the breach on November 22nd itself.