In December 2023, The First American Financial Corporation, a major title insurance company in the US, experienced a cyberattack. This resulted in the personal information of approximately 44,000 individuals being exposed.
The company disclosed this data breach to the US Securities and Exchange Commission (SEC) on May 28, 2024. This revelation has raised significant concerns regarding the company’s data security.
Cybersecurity researcher Jeremiah Fowler discovered an unsecured database with 170,360 records belonging to a real estate company. It contained personal...
GreyNoise found attempts to exploit CVE-2023-28771, a vulnerability in Zyxel's IKE affecting UDP port 500. The attack centers around CVE-2023-28771,...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included two high-risk vulnerabilities in its Known Exploited Vulnerabilities (KEV)...
The filing revealed that hackers had breached some of First American’s systems and accessed sensitive data without permission.
Source: sec.gov
“As of the date of this filing, the Company’s investigation of the incident has concluded. Based upon our investigation and findings, the Company has determined that personal information pertaining to approximately 44,000 individuals may have been accessed without authorization as a result of the incident,” the company stated.
In response, First American will notify affected individuals and offer them free credit monitoring and identity protection services to prevent further harm from the data breach.
“The Company will provide appropriate notifications to potentially affected individuals and offer those individuals credit monitoring and identity protection services at no cost to them,” the company stated in filing.