Attackers breached Fidelity National Financial (FNF) servers and accessed its subsidiaries’ LoanCare customer details, including Social Security numbers.
LoanCare, a servicer for the US mortgage industry, has started contacting clients regarding a hazardous data breach. According to the company, attackers accessed some of LoanCare’s customer data after breaching FNF’s servers in November,
As soon as the company learned about the incident, it took the help of third-party cybersecurity experts, informed law enforcement agencies, and launched an investigation.
“The investigation has determined that an unauthorized third party exfiltrated data from certain FNF systems. As part of the review of the potentially impacted data, LoanCare identified that some of your personal information may have been among that data,” reads the breach notification.
LoanCare said that customer names, addresses, Social Security numbers (SSNs), and loan numbers may have been obtained during the cyberattack.
FNF was attacked by the notorious ALPHV ransomware gang in mid-November, forcing the US mortgage company to shut down its network.
FNF is a US-based insurance provider focusing on the real estate and mortgage industries. The company’s revenue exceeded $11.5 billion in 2022.
Meanwhile, ALPHV has grown into one of the most prominent ransomware cartels of recent years. Most notably, the gang was behind the September ransomware attacks on the Las Vegas casino giants MGM Resorts and Caesars International, who are rumored to have paid a $15 million ransom to keep operations running.
However, the walls are now closing in on ALPHV, as the feds have recently taken down at least parts of the gang’s dark web infrastructure and released software to neutralize the gang’s malicious tools.
More from Cybernews:
Subscribe to our newsletter