First American Financial Corporation shuts down IT systems due to cyberattack, reports data breach

First American Financial Corporation, a leading U.S. title insurance company, has recently responded to a cyberattack by taking some of its key IT systems offline as a precautionary containment measure. First American Financial Corporation is a prominent player in the real estate sector, offering financial and settlement services to various stakeholders in property transactions.

The incident was publicly acknowledged in a statement on a specially created website, as their official website is down.

The specifics of the attack, including the extent of the breach and the data potentially compromised, remain unclear. But taking entire IT systems offline indicates of rapid spread attack, probably a ransomware.

Update - First American Financial amended their report and informs that the Dec. 20 cyberattack involved unauthorized access and theft of non-production systems data, which was subsequently encrypted. The company is currently restoring system access and resuming normal operations, but the full financial impact of the incident remains uncertain.

First American has already restored key systems like their ACI appraisal system and AgentNet platform.

As of 28th of May 2024, First American reported that the December cyberattack led to a breach impacting 44,000 individuals. The company pledges to provide notifications to the affected individuals and offer free credit monitoring and identity protection services.