Ransomware 'catastrophe' at Fidelity National Financial causes panic with homeowners and buyers


Last Tuesday, Fidelity National Financial, or FNF, a real estate services company that bills itself as the “leading provider of title insurance and escrow services, and North America’s largest title insurance company,” announced that it had experienced a cyberattack.

Since then, homeowners who have mortgages and prospective buyers who are purchasing properties with FNF or one of its many subsidiaries have been left confused and concerned, not knowing exactly what is happening or what to do.

“I feel like I’m getting the runaround. I don’t even know where my money is at,” said one woman, who told TechCrunch that she sold a house in Illinois for $397,000 using IPX 1031, an intermediary owned by FNF.

The woman, who asked to remain anonymous, said she has been trying to call IPX 1031 but has not been able to talk to anyone there.

When TechCrunch called a number for an employee at IPX 1031 that the woman had been calling, a voicemail said that “Fidelity National Financial is still experiencing a system wide outage. We do not have access to send or receive email or access to any system. We appreciate your patience.”

FNF has not responded to TechCrunch’s emails since last week.

A call on Monday to FNF’s receptionist at its corporate office was met with an automated message saying the receptionist was busy. Calls to the same number on Wednesday returned the same automated message.

Contact Us

Do you have more information about this data breach? We’d love to hear from you. From a non-work device, contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram, Keybase and Wire @lorenzofb, or email lorenzo@techcrunch.com. You also can contact TechCrunch via SecureDrop.

FNF’s website was down at the time of publication.

To date, FNF has said little publicly about the incident. In a regulatory filing with the U.S. Securities and Exchange Commission where it announced the breach, FNF said: “We blocked access to certain of our systems, which resulted in disruptions to our business. For example, the services we provide related to title insurance, escrow and other title-related services, mortgage transaction services, and technology to the real estate and mortgage industries, have been affected by these measures.”

Christine Youmans, who said she uses LoanCare to pay her mortgage, said she doesn’t know what to do. LoanCare, which is owned by FNF, offers “full-service subservicing to the mortgage industry, according to its website.

“Everything is shut down and no one can pay the mortgage and you can’t get them on the phone,” Youmans told TechCrunch.

A call to a number on the LoanCare website responded with an automated message that said: “For those of you impacted by the recent catastrophe, we hope you and your family are safe. We are here to help you and your family return to normal.”

Shortly after the cyberattack, the ransomware gang known as ALPHV (or BlackCat) claimed responsibility for the cyberattack on FNF in a message posted on the gang’s official dark web site.





Source link