US insurance giant First American confirms it was hit by a ransomware attack

News
By published

First American data stolen and encrypted, company states

Cyberattack
(Image credit: Cyberattack)

First American, one of the largest insurance companies in the United States, has confirmed the cyber-incident it suffered in late December 2023 was indeed a ransomware attack.

As spotted by Cybersecurity Dive, the company filed an updated 8-K form with the Securities and Exchange Commission (SEC) on Friday, December 29, 2023. 

In the filing, the insurance behemoth confirmed suffering a ransomware attack and claimed to be working on addressing it.

Reader Offer: Save up to 68% on Aura identity theft protection

Reader Offer: Save up to 68% on Aura identity theft protection
TechRadar editors praise Aura's upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal. Save up to 50% today. 

 Preferred partner (What does this mean?) 

View Deal

American financial behemoth

“Though the incident is still under investigation, the Company believes the perpetrator of the activity accessed certain Company systems, exfiltrated data and encrypted data on certain non-production systems,” First American said in the filing. “The Company continues to assess whether the incident will have a material impact on the Company’s financial condition or results of operations, which at this point cannot be determined.”

The initial reports emerged around December 20. Back then, First American reported “unauthorized activity” on some of its IT systems. 

“Upon detection of the unauthorized activity, the Company took steps in an effort to contain, assess and remediate the incident. On December 20, 2023, the Company elected to isolate systems from the Internet,” the filing further explained. “The Company has retained leading experts, worked with law enforcement, and notified certain regulatory authorities.”

Since then, First American believes it has successfully contained the attack and is now in the process of restoring access to its systems and resuming normal business operations.

First American Financial Corporation is a US financial services company that provides title insurance and settlement services to the real estate and mortgage industries. It was founded in 1889, and last year generated $7.6 billion in revenue. Headquartered in California, it has more than 21,000 employees. 

This is not the only time First American has suffered a cyberattack. Roughly a month ago, it paid a $1 million penalty to settle violations of New York’s Department of Financial Services’ (DFS) Cybersecurity Regulation, for a data breach that occurred in May 2019.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.