Cyber Incident Victim: Fidelity National Financial

In April 2014, Fidelity National Financial experienced a targeted phishing attack compromising a small number of employee email accounts hosted by a third-party service provider. Attackers obtained usernames and passwords through these phishing attempts, gaining intermittent access to a subset of accounts between April 14 and April 16. The investigation revealed no evidence of penetration into Fidelity’s internal network or systems. According to the company’s notification letter dated September 23, 2014, the attackers’ apparent objective was to gather information about ongoing business transactions to redirect scheduled money transfers, rather than to access large volumes of personal data. Personal information potentially exposed included Social Security numbers, bank account numbers, payment card numbers, and driver’s license numbers, though no evidence confirmed actual access to this data.

Fidelity National Financial notified federal law enforcement and engaged a third-party security expert to determine the incident’s scope. The company implemented enhanced email security measures and provided additional employee training to prevent future occurrences. Impacted individuals—whose numbers remain undisclosed—received notification by mail and were offered one year of free identity protection services. The breach affected entities under Fidelity’s umbrella, including Ticor Title Company of Oregon, Ticor Title of Nevada, Inc., Lawyers Title Company, and Lawyers Title of Oregon, LLC, which provide title insurance and settlement services in Oregon, Nevada, and California. The incident was reported to California authorities on October 24, 2014, over six months after the initial compromise.