Collateral Damage from Fidelity National Financial Hack? Customer Data

A small number of employees at the mortgage provider had their email accounts breached during a targeted cyber assault.

As a result, sensitive information – including Social Security numbers, bank account numbers and payment card numbers -- of an undisclosed number of clients might have been accessible.

“Our third-party security expert has advised us that the apparent purpose of the attackers' activity was to obtain information about ongoing business transactions in order to redirect scheduled money transfers,” Paul Perez, chief compliance officer with Fidelity National Financial, wrote in a Sept. 23 notification letter. “The third-party security expert has further advised us that the attackers' behavior was not designed to access or acquire large volumes of personal information.”

Through a phishing scheme, the attackers obtained usernames and passwords for the employee email accounts. The hackers then logged into a subset of those accounts, and might have seen sensitive information.

Exactly who was impacted was not made explicit, but the notification states that Fidelity National Financial is the parent company of Ticor Title Company of Oregon, Ticor Title of Nevada, Inc., Lawyers Title Company, and Lawyers Title of Oregon, LLC, which provide title insurance and real estate settlement services in Oregon, Nevada, and/or California.