Tag Archive for: national

Fidelity National Financial discloses cyberattack previously linked to ransomware gang

/in


Insurance and settlement service giant Fidelity National Financial Inc. has officially disclosed that they suffered from a “cybersecurity incident” that the infamous ransomware gang ALHPV/BlackCat claimed responsibility for in November.

The disclosure came via a Jan. 9 filing with the U.S. Securities and Exchange Commission, which states that Fidelity National became aware of a cybersecurity incident on Nov. 19 that impacted certain systems. The company then ticked off the standard response list: hiring third-party experts, notifying law enforcement and regulatory authorities and taking measures to block access to affected systems.

The incident is described as causing “varying levels of disruption” before being contained on Nov. 26 and systems restored. An investigation completed on Dec. 19 subsequently found that an unauthorized third party had accessed certain systems, deployed malware and exfiltrated certain data.

Fidelity National added that it has no evidence that any customer-owned system was directly impacted in the incident and no customer has reported that this has occurred. The last confirmed date of unauthorized third-party activity in the company’s network occurred Nov. 20.

Affected customers have been notified and offered credit monitoring, web monitoring and identity theft restoration services. Fidelity is also continuing to coordinate with law enforcement, its customers, regulators, advisers and other stakeholders.

What’s missing from the disclosure is any mention of ransomware. Companies describing attacks at cybersecurity incidents aren’t new, but usually, the notices don’t follow widespread media coverage of them being targeted by a ransomware gang. That ALPHV/BlackCat is behind the attack is also highly believable, as the ransomware gang was one of the most prolific through 2023.

Cybersecurity experts agree with Craig Jones, vice president of security operations at SecOps security company Ontinue Inc., telling SiliconANGLE that per the SEC filing, the attack involved data exfiltration,

“Fidelity National Financial appears to have experienced a ransomware attack attributed to the ALPHV/BlackCat ransomware group,” Jones said….

Source…

Fidelity National now says 1.3M customers had data stolen by cyber-crooks • The Register

/in


Fidelity National Financial now says criminals got hold of data belonging to 1.3 million customers after breaking into its IT network in November.

The mortgage giant, which has assets totaling $74 billion and is one of the largest providers of title insurance and settlement services in the US, disclosed the “cybersecurity incident” in an 8-K filing with the SEC that same month.

At the time, the corporation said the digital break-in forced it to shut down some IT systems and disrupted some of its title and mortgage-related services.

Ransomware gang ALPHV/BlackCat claimed responsibility for the attack shortly after, though the crew revealed few details about what data they allegedly stole. This was before law enforcement seized the gang’s dark-web site in December.

FNF also has yet to describe the incident as a ransomware infection, and did not respond to The Register‘s inquiries about the nature of the cybersecurity incident.

In an amended 8-K report filed on Tuesday, FNF provided additional details about the intrusion that it said were based on the findings of its forensic investigation, which was completed on December 13.

“We determined that an unauthorized third-party accessed certain FNF systems, deployed a type of malware that is not self-propagating, and exfiltrated certain data,” the SEC filing says. “The company has no evidence that any customer-owned system was directly impacted in the incident, and no customer has reported that this has occurred. The last confirmed date of unauthorized third-party activity in the company’s network occurred on November 20, 2023.”

FNF also said it notified about 1.3 million customers whose data was stolen, and will provide credit monitoring and identity services to those affected. 

The biz added it “has been named as a defendant in several lawsuits related to this incident.” And it still maintains that, “at this time, we do not believe that the incident will have a material impact on the company.” 

By that, it may think it can absorb any financial hit from the cyberattack. Another mortgage lender, Mr Cooper, last month said it expects to spend at least $25 million cleaning up its earlier security breach, which saw almost…

Source…

Top 10 investigations and national security stories of 2023

/in


This year saw Computer Weekly and Byline Times reveal an extraordinary secret campaign by right-wing Brexit supporters against the world’s leading science journal, Nature. The group, which had high-level connections in politics, business and intelligence, attempted to put Nature and its editor under surveillance and investigated by intelligence agencies for alleged “extreme Sinophile views”.

Surveillance has also been a preoccupation of the Home Office this year, as the government seeks to revise the Investigatory Powers Act 2016 to make it easier for police and intelligence agencies to access large databases on the population, and controversially to require tech companies to inform the government in advance if they make changes to their platforms that could impact surveillance capabilities.

Pressure from the government against tech companies that offer encrypted messaging and email services intensified with the passing of the Online Safety Act in October. The act gives regulator Ofcom powers to require tech companies to scan encrypted services for illegal content, a move that threatens to undermine the security of technology platforms. The act has become law, but it is yet to be seen how – or if – Ofcom will enforce it.

Electronic evidence has been another running theme this year, as Computer Weekly reported on a dispute by an NHS whistleblower and health trust over the authenticity of emails that relate to patient safety concerns. Another NHS employee, meanwhile, deleted thousands of emails before being due to give evidence at an employment tribunal. The courts have also yet to decide whether messages obtained from the police hacking of the EncroChat encrypted phone network are admissible. If they are not, people who have been convicted solely on the basis of EncroChat messages may have their cases overturned.

An investigation by Computer Weekly and Byline Times revealed that the science journal, Nature, had been the target of sustained secret attacks by extreme Brexit supporters with high-level political, commercial and intelligence connections. The group, which included former MI6 chief Sir Richard Dearlove, attempted to put members of staff at Nature

Source…

When Predatory Sparrow Strikes: Israel-Iran Shadow War Awakens – National Security & Cyber – Haaretz

/in



When Predatory Sparrow Strikes: Israel-Iran Shadow War Awakens – National Security & Cyber  Haaretz

Source…