The November 19 cyberattack that temporarily took down Fidelity National Financial’s online systems exposed the personal and financial data of 1.3 million customers of LoanCare, LLC, a mortgage subservicer owned by Fidelity National Financial, the real estate and mortgage industries’ largest underwriter of title insurance.
The breach of LoanCare, specifically, was not publicly known until December 20, when LoanCare filed a notice of data breach with the Attorney General of Maine. The filing indicates the data breach occurred on November 19, but was not discovered until December 13.
However, letters being distributed to impacted customers by LoanCare state: “On or about November 19, 2023, LoanCare, LLC (“LoanCare”), which performs or has performed loan subservicing functions for your mortgage loan servicer, became aware of unauthorized access to certain systems within its parent’s, Fidelity National Financial, Inc. (“FNF”), information technology network. Upon becoming aware of the incident, FNF commenced an investigation with the assistance of third-party experts, notified certain law enforcement and governmental authorities, and began taking measures to assess and contain the incident.”
The SEC’s new rules for public companies’ cybersecurity disclosures, effective as of Sept. 5, 2023, includes “a requirement to disclose material cybersecurity incidents four business days after a public company determines the incident is material and a requirement to disclose annually information regarding cybersecurity risk management, strategy, and governance,” per the SEC’s website.
The only LoanCare customers receiving letters are those whose personal information was compromised.
