First American Financial Corporation, the second-largest title insurance company in the United States, recently fell victim to a cyberattack that led the company to take some of its systems offline as a containment measure. The California-based company, established in 1889, plays a crucial role in providing financial and settlement services for property transactions in the real estate sector. Notably, First American is a major player in the title insurance industry, with significant annual revenue and a large workforce.
This incident comes on the heels of a cybersecurity penalty First American paid in November, totaling $1 million, for violations related to a breach that occurred in May 2019. The breach involved a vulnerability in the company’s EaglePro application, which exposed personal and financial data of individuals involved in residential and commercial property transactions. The New York Department of Financial Services (DFS) stated that the breach allowed unauthorized access to sensitive documents without proper authentication.
Title insurance providers have increasingly become targets for cyberattacks, as evidenced by another major player in the industry, Fidelity National Financial, disclosing a recent cybersecurity incident. Fidelity National Financial reported that its network was affected, prompting containment measures such as blocking access to certain systems. The incident, attributed to the ALPHV/BlackCat ransomware gang, involved the acquisition of certain credentials by the attackers.
These incidents underscore the heightened threat landscape faced by companies in the real estate and title insurance sectors, emphasizing the need for robust cybersecurity measures to safeguard sensitive information and maintain the integrity of property transactions. The fallout from such breaches can include disruptions to business operations, financial losses, regulatory penalties, and reputational damage.
