May 29, 2024 at 06:36AM First American Financial Corporation disclosed a cyberattack compromising personal information of 44,000 individuals, impacting its subsidiaries. The company took systems offline for containment and later restoration. It informed SEC of the data breach and pledged to notify affected individuals, offer credit monitoring, and didn’t disclose the ransomware gang or payment … Read more
May 28, 2024 at 06:29PM First American Financial Corporation, the second-largest US title insurance company, reported a December cyberattack impacting 44,000 individuals. The California-based company, founded in 1889, offers financial and settlement services to real estate professionals. This breach came a month after settling a 2019 hack and is similar to recent incidents in other … Read more
March 19, 2024 at 08:19AM Nations Direct Mortgage notified over 83,000 individuals of a December 2023 data breach leading to unauthorized access of personal information including names, addresses, and Social Security numbers. The company claims no evidence of data exfiltration or fraudulent use and is offering identity monitoring services. Nations Direct faces a class action … Read more
March 18, 2024 at 05:43PM The SEC announced settlements with investment advisers Delphia (USA) and Global Predictions for misleading claims about using AI technology in their services. Both companies agreed to pay $400,000 in civil penalties for “AI washing” activities. The SEC found false representations about AI usage, leading to violations of the Advisers Act. … Read more
March 5, 2024 at 08:06AM American Express informs customers of a data breach at a third-party services provider, affecting some card members’ account information. Compromised data includes names, card account numbers, and expiration dates. The company is monitoring for fraud and advises impacted individuals on protecting their information. It is unclear how many people were … Read more
January 24, 2024 at 11:40AM Global financial technology firm EquiLend faced a cyberattack resulting in system disruptions and unauthorized network access. The company is working to restore affected services, engaging third-party experts for investigation. A recent acquisition by U.S. private equity firm WCAS is pending, with an additional $200 million investment committed. EquiLend’s Next Generation … Read more
January 22, 2024 at 06:09AM LADH Limited, a financial services company, was fined £50,000 by the UK’s data regulator for illegally sending over 31,000 spam text messages without consent. The company failed to offer recipients the chance to opt out, and claimed to have received consent from a third party without written confirmation. The ICO … Read more
January 17, 2024 at 06:30AM Oracle issued 389 new security patches in its January 2024 Critical Patch Update, addressing numerous critical-severity vulnerabilities. The update covers over 200 unique CVEs, with emphasis on Financial Services Applications, Communications, and MySQL. Oracle urges prompt patch application, warning of potential in-the-wild exploitation. The company plans three more Critical Patch … Read more
January 10, 2024 at 06:23PM Fidelity National Financial disclosed a cybersecurity incident that led to unauthorized access of 1.3 million customers’ data. The intrusion was attributed to ransomware group ALPHV/BlackCat. FNF’s forensic investigation revealed that certain data was exfiltrated, though it claimed no direct customer impact. The company is providing credit monitoring and identity services … Read more
December 21, 2023 at 02:11PM First American Financial Corporation, the second-largest title insurance company in the U.S., experienced a cyberattack, leading to the shutdown of certain systems. This California-based company, with over 21,000 employees and annual revenue of $7.6 billion, faced a $1 million penalty for cybersecurity violations in 2019. Similarly, Fidelity National Financial also … Read more