In December 2023, The First American Financial Corporation, a major title insurance company in the US, experienced a cyberattack. This resulted in the personal information of approximately 44,000 individuals being exposed.
The company disclosed this data breach to the US Securities and Exchange Commission (SEC) on May 28, 2024. This revelation has raised significant concerns regarding the company’s data security.
"Palo Alto Networks has observed threat activity exploiting an unauthenticated remote command execution vulnerability against a limited number of firewall...
The filing revealed that hackers had breached some of First American’s systems and accessed sensitive data without permission.
“As of the date of this filing, the Company’s investigation of the incident has concluded. Based upon our investigation and findings, the Company has determined that personal information pertaining to approximately 44,000 individuals may have been accessed without authorization as a result of the incident,” the company stated.
In response, First American will notify affected individuals and offer them free credit monitoring and identity protection services to prevent further harm from the data breach.
“The Company will provide appropriate notifications to potentially affected individuals and offer those individuals credit monitoring and identity protection services at no cost to them,” the company stated in filing.