You may have a claim against First American if you used First American’s services when buying or selling real estate and had related documents available for viewing on First American’s website. Contact Franklin D. Azar and Associates immediately. We will fight to get you the recovery you deserve.
Summary of the Data Breach
On May 24, 2019, cybersecurity expert Brian Krebs revealed that the website for Fortune 500 real estate title insurance company First American Financial Corp. [NYSE: FAF] leaked approximately 885 million documents related to mortgage deals going back as far as 2003. The leaked documents contained bank account numbers and statements, mortgage and tax records, social security numbers, wire transaction receipts, and driver’s license images. Anyone with a web browser could access the documents without authentication. Anyone that knew the URL for a valid document on the website could view other documents by modifying a single digit in the link.
The implications of this data breach are expansive. According to Brian Krebs, “the information exposed by First American would be a virtual gold mine for phishers and scammers involved in so-called Business Email Compromise (BEC) scams, which often impersonate real estate agents, closing agencies, [and] title and escrow firms in a bid to trick property buyers into wiring funds to fraudsters. According to the FBI, BEC scams are the most costly form of cybercrime today. Armed with a single link to a First American document, BEC scammers would have an endless supply of very convincing phishing templates to use. A database like this also would give fraudsters a constant feed of new information about upcoming real estate financial transactions—including the email addresses, names and phone numbers of the closing agents and buyers.”
Response from First American Financial
In response to the data breach, a spokesperson stated: First American has learned of a design defect in an application that made possible unauthorized access to customer data. At First American, security, privacy and confidentiality are of the highest priority and we are committed to protecting our customers’ information. The company took immediate action to address the situation and shut down external access to the application. We are currently evaluating what effect, if any, this had on the security of customer information. We will have no further comment until our internal review is completed.
However, affected persons have suffered an ascertainable loss in that they must undertake additional security measures, some at their own expense, to minimize the risk of future data breaches. Furthermore, affected persons have no guarantee that the above security measures will in fact adequately protect their personal information. Affected persons therefore have an ongoing interest in ensuring that their personal information is protected from past and future cybersecurity threats.
Submit Your Information
We Can Help You Today