Fidelity National Financial disclosed in an 8K filing with the Securities and Exchange Commission (SEC) on Dec. 10 that 1.3 million customers had their data exposed in a cyberattack.
However, the large real estate services company did not confirm in the filing if it was the victim of a ransomware attack. Instead, the 8K filing said FNF “determined that an unauthorized third-party accessed certain FNF systems, deployed a type of malware that is not self-propagating.”
…
Ashley Leonard, chief executive officer at Syxsense, added that despite FNF not publicly saying “ransomware,” the filing information about the attack all point to ransomware, such as the not self-propagating, the exfiltration of data, and the fact that customer systems were not directly impacted.
“Typically, ransomware is not considered a self-propagating type of malware, meaning it cannot jump to other devices on the network and replicate itself,” said Leonard. “Ransomware usually starts from a phishing email, someone opening or downloading and running a malicious file like an attachment, or taking advantage of an unpatched system. This isn’t true of all ransomware (the notable exception is WannaCry), but given the precise language used here, it’s most likely ransomware.”
