Breach taxonomy
Summary
Fidelity National Financial became aware of a cybersecurity incident impacting certain FNF systems in November 2023. The company blocked access to certain systems as a containment measure, causing disruptions to title insurance, escrow, mortgage transaction services, and real estate technology services. An unauthorized third party accessed certain FNF systems and acquired certain credentials. The company's majority-owned subsidiary F&G Annuities & Life was not impacted. Filed under Item 8.01; materiality assessment ongoing.
Tagging rationale
ThreatUnknown
Filing does not attribute the incident to a specific actor → UNKNOWN.
MethodsData ExfilCred Stuffing
Unauthorized third party accessed FNF systems and acquired credentials (CRED-STUFFING / credential access); data including credentials was exfiltrated → DATA-EXFIL + CRED-STUFFING.