[ad_1]
- Ransomware attacks have routinely targeted U.S. financial institutions in the fall and winter, victimizing millions.
- Fidelity National Financial-owned LoanCare recently disclosed the cyberattack against it, which impacted 1.3 million customers.
U.S.-based mortgage subservicing major LoanCare has disclosed that its parent company, Fidelity National Financial, was subject to a data breach that saw threat actors compromising the data of more than 1.3 million individuals.
The November attack against LoanCare followed the breach of another mortgage provider, Mr. Cooper, in October 2023, which victimized almost 14.7 million individuals. More recently, America’s second-largest insurance player, First American, forced the company to knock its systems offline to remedy the impact of a cyberattack. First American is still recovering from the attack.
LoanCare notified the Maine and California attorney generals that the sensitive information of 1,316,938 borrowing customers was impacted, which is being communicated to them. LoanCare failed to mention the perpetrator of the cyberattack, though The Repord reported that the ALPHV/BlackCat ransomware gang claimed the attack, which occurred on November 19, 2023.
It wasn’t until December 13 that LoanCare/Fidelity National Financial discovered the data breach. An investigation by third-party cybersecurity experts revealed the breach led to the exposure and exfiltration of sensitive information, including the borrowers’ names, addresses, Social Security Numbers, and loan numbers.
The type of data accessed puts customers at risk of online scams, phishing, and other social engineering-driven cyberattack. LoanCare announced 24 months of free credit monitoring, web monitoring, and identity theft restoration services to assuage the fallout.
“Not all LoanCare borrowers are impacted by this notice. If you do not receive a letter, LoanCare has determined that you are not among the population whose personal information may have been impacted,” the company said.
If the BlackCat ransomware operation’s claims of compromising LoanCare are valid, the syndicate should have added the company to its leak site. However, it is unclear whether LoanCare is one of the 500 companies that benefited from the recent law enforcement action against the gang, where FBI-led operations seized decryption keys and 946 public/private key pairs.
Do you have any advice for victims? Share with us on LinkedIn, X, or Facebook. We’d love to hear from you!
Image source: Shutterstock
MORE ON CYBERATTACKS
[ad_2]