The Jacksonville, Florida-based company first became aware of the cybersecurity incident on November 19 and successfully contained it by November 26, 2023.
During the initial response, FNF temporarily restricted access to specific systems, including those associated with title and mortgage services. However, the company managed to restore full system functionality by the end of November.
A detailed forensic investigation, concluded last month, uncovered that an unauthorized third party had gained access to certain FNF systems. The intruder deployed a type of non-self-propagating malware and successfully exfiltrated specific data. The insurer addressed the findings in a filing with the SEC on January 9.
FNF said it had assured affected customers that necessary measures to mitigate the impact of the cyberattack had been taken. The company is continuing to work towards enhancing its cybersecurity protocols to prevent similar incidents in the future.
In a statement, it said state attorneys general, and regulatory bodies had been informed and FNF is actively collaborating with law enforcement, customers, advisors, and other stakeholders. The insurer is also offering credit monitoring and identity-theft restoration services to affected customers.According to an SEC filing, FNF is currently facing legal action in multiple lawsuits arising from the cyberattack.
The company asserts its commitment to robustly defending itself against any litigation stemming from the incident. As one of the four major players dominating the title insurance marketplace, FNF remains a key entity in the industry.