Fidelity National Financial says hackers stole data on 1.3 million customers

Real estate services giant Fidelity National Financial has confirmed hackers stole data on 1.3 million of its customers during a November cyberattack that knocked the company offline for a week.

FNF said in a filing Tuesday with federal regulators: “We determined that an unauthorized third-party accessed certain FNF systems, deployed a type of malware that is not self-propagating, and exfiltrated certain data.” The company said it has “notified its affected customers and applicable state attorneys general and regulators, and approximately 1.3 million potentially impacted consumers.”

The filing did not say what specific customer data was stolen, but said FNF is providing credit monitoring and identity theft services to affected customers, suggesting that the stolen customer information was personal or sensitive in nature.

FNF spokesperson Lisa Foxworthy-Parker did not respond to TechCrunch’s email requesting further details.

FNF said it “contained” the cyberattack on November 26 following a week-long outage that virtually froze all of the company and much of its subsidiaries’ operations. Customers were unable to pay their mortgages. One of FNF’s subsidiaries described the incident as a “catastrophe” in an automated message for customers.

The ransomware gang known as ALPHV (or BlackCat) claimed responsibility for the FNF cyberattack in a post on its dark web leak site, which it uses to extort victims into paying the hackers to remove and delete the data. ALPHV subsequently removed FNF from its site. Ransomware and extortion gangs sometimes remove a victim’s information when they pay the ransom.

FNF was one of several corporate victims of cyberattacks in recent weeks targeting the mortgage and loan industry, including LoanDepot and Mr. Cooper.

Fidelity National Financial shuts down network in wake of cybersecurity incident