Kevin BeaumontNov 22, 2023

Another #CitrixBleed ransomware. Fidelity National Financial

https://techcrunch.com/2023/11/22/fidelity-national-financial-shuts-down-network-in-wake-of-cybersecurity-incident/

Fidelity National Financial shuts down network in wake of cybersecurity incident | TechCrunch

Real estate services company Fidelity National Services announced that it had suffered a "cybersecurity incident," which has forced it to shut down some systems.

TechCrunch
Show threadKevin BeaumontNov 22, 2023
Source = me or whatever. They patched Netscaler late, visible on Shodan.
Show threadKevin BeaumontNov 22, 2023
Transparency: Deleted a toot in this thread. I flagged another company called Fidelity who also patched late.
Show threadKevin BeaumontNov 22, 2023
Restoring toot - it turns out Fidelity National Financial, Inc. and Fidelity National Information Service merged years ago. Both patched #CitrixBleed late and now have security incidents involving a ransomware group.
Show threadKevin Beaumont
BlackCat ransomware group have claimed Fidelity National Financial, a Fortune500 company. HT @AlvieriD #threatintel
Nov 22, 2023 at 11:57pmWeb
Show threadKevin BeaumontNov 23, 2023
Fidelity National Financial’s website is offline. https://fnf.com/ (or intermittently available depending on location)
Show threadKevin BeaumontNov 23, 2023

Fidelity National Financial ransomware incident is causing problems across the US housing market. They own a ton of downstream companies, eg Chicago Title, and they’re also offline. https://dataconomy.com/2023/11/23/fidelity-national-financial-data-breach/

Btw it isn’t out in the media yet it’s ransomware, but it definitely is.

Fidelity National Financial data breach: All details

Fidelity National Financial data breach emerged as a headline on Tuesday when the Fortune 500 giant, specializing in title insurance

Dataconomy
Show threadKevin BeaumontNov 29, 2023
Fidelity National Financial have been removed from BlackCat’s ransomware portal. Translation: they paid.
Show threadKevin BeaumontDec 27, 2023
The Fidelity National Financial breach by AlphV with CitrixBleed continues to have ripple effect https://www.bleepingcomputer.com/news/security/mortgage-firm-loancare-warns-13-million-people-of-data-breach/
Mortgage firm LoanCare warns 1.3 million people of data breach

Mortgage servicing company LoanCare is warning 1,316,938 borrowers across the U.S. that their sensitive information was exposed in a data breach at its parent company, Fidelity National Financial.

BleepingComputer
Show threadLesley Carhart Nov 29, 2023
@GossiTheDog phewwww they have their hands in a lot of people’s shit, often involuntarily
Show threadAvoid the Hack! Nov 29, 2023

@GossiTheDog guess we'll see the leak in a few months.

Also... double-extortion incoming in near future.

Show threadAndrzej StamburskiNov 29, 2023
@GossiTheDog Just to summarise the results of paying hackers:
- Stolen data will still be misused in any possible way (but quiet, without attributing to the victim)
- Hackers will do whatever possible to maintain the access to the victim IT systems (but they will temporarily not use it)
- Restoring hacked systems will still cost fortune (even getting some help from hacker initially, there's still a lot to do)
So the only reason to pay hackers is because otherwise shareholders will panic, right?
Show threadMatt BlazeNov 23, 2023
@GossiTheDog Just to confirm, since there seem to be dozens of financial industry firms named "Fidelity", this is a different Fidelity from the place that holds my 401(k), correct?
Show threadTim FarleyNov 23, 2023
@mattblaze @gossithedog It is a different company.