Breach taxonomy
Summary
First American Financial Corporation identified unauthorized activity on certain IT systems and on December 20, 2023 elected to isolate those systems from the Internet. The company's primary website became inaccessible or inoperative as a result. The company retained leading experts, worked with law enforcement, and notified certain regulatory authorities. As of the filing date, the duration and extent of the disruption could not be estimated.
Tagging rationale
ThreatUnknown
Filing does not attribute the incident to any specific threat actor → UNKNOWN.
MethodsSystem Outage
Filing describes unauthorized activity on IT systems requiring isolation from the internet; no specific attack method disclosed.
AssetsRevenue Process
Filing describes isolation of systems from the internet making the company's primary website inaccessible, disrupting the core revenue-generating platform of a major title insurance company.