Big Four title firm Fidelity National Financial and its subsidiary mortgage subservicer Loancare are facing a class action lawsuit alleging that they were negligent with customer data and that they breached their contract, after the firm was the victim of a cyber security attack in late-November.
The suit was filed last Tuesday by Teneika Tillis, a Loancare servicing client, in U.S. District Court for Central California. The complaint states that Tillis filed the suit “upon information and belief” that her personal identifiable information had been comprised in the attack.
“The data breach itself and information defendants have disclosed about the breach to date, including its length, the need to remediate defendants’ cybersecurity and the sensitive nature of the impacted data, collectively demonstrate defendants failed to implement reasonable measures,” the complaint states.
In addition, Tillis claims as a result of the data breach the plaintiff class has been “required to continue to undertake time-consuming and oten costly efforts to mitigate the actual and potential harm.”
The complaint also maintains that Loancare should have notified consumers of inadequate securitymeasures after it reported a data breach around August 2022. “Defendants thus failed to take reasonable measures to secure its system,” the lawsuit said.
Roughly a week after initially reporting the attack, Fidelity said the incident was contained, however the firm has yet to disclose the type of personal information that may have been acquired by the cyber criminals or the number of clients impacted by the incident.
Shortly after the incident, ransomware gang AlphV/BlackCatclaimed responsibility.
In an online post last week, AlphV/BlackCat blamed Fidelity for allegedly hiring incident responders from Google’s Mandiant unit and threatened to disclose information on data it collected.
Tillis is demanding a jury trial and a damages amount that is “equitable relief with pre-judgment and post-judgment interest” to the plaintiff and members of the class.
Mr.Cooper, which became the victim of a cyber security attack in late October, is currently facing four class action suits as a result of the attack.
Related
FAQs
In most cases, companies reacted quickly, by taking the cyber attack under control. Further on, it took the organizations 33 days on average to complete the forensic investigation of the attacks. The longest the companies needed, was the time to notify about the cyber incident, which took 60 days on average.
What is the fidelity data breach lawsuit? ›
Migliaccio & Rathod LLP is involved in the Fidelity Investments Life Insurance Company (“Fidelity”) data breach investigation, for a data breach affecting 28,268 individuals and their personal information. Fidelity learned of unauthorized activity on the Infosys McCamish, LLC (“IMS”) computer systems in November 2023.
Did Fidelity pay ransom? ›
The ransomware gang removed FNF from the list the same day, suggesting that the mortgage services provider paid a ransom. By September 2023, BlackCat had compromised over 1,000 organizations globally, three-quarters based in the United States.
Does fidelity protect against hackers? ›
Fidelity Customer Protection Guarantee
That's why we offer this guarantee: We will reimburse you for any financial losses that result from unauthorized activity on your accounts. Por favor lea nuestra Garantía de protección al cliente de Fidelity.
What will you immediately do in case of a cyber attack? ›
i. Disconnect affected devices from the network and change passwords. ii. Contact hosting providers to request immediate remedial actions (, change passwords, freeze access to portals, stop all network traffic to and from affected resources, shut down drives).
What is the effective response to a cyber attack? ›
Notify Affected Individuals - Notify the individuals affected by the breach so they can take steps to ensure their data is not used fraudulently (like freezing their credit cards and credit records). Designate A Contact - Designate a contact from your organization to release the notifications when appropriate.
How much compensation can you get for a data breach? ›
Under DPA and GDPR, you are entitled to file a data breach claim up to £2,000 or more in data breach compensation if: Your personal data has been leaked, disclosed, lost, mis-used or hacked, corrupted. It doesn't matter if you suffered economic loss, you still can make a claim. breach was deliberate or negligent.
Can you be compensated for a data breach? ›
The GDPR gives you a right to claim compensation from an organisation if you have suffered damage as a result of it breaking data protection law. This includes both “material damage” (e.g. you have lost money) or “non-material damage” (e.g. you have suffered distress).
What happens if Fidelity goes bust? ›
The Securities Investor Protection Corporation (SIPC) is a nonprofit organization that protects stocks, bonds, and other securities in case a brokerage firm goes bankrupt and assets are missing. The SIPC will cover up to $500,000 in securities, including a $250,000 limit for cash held in a brokerage account.
Is it safe to have all money with Fidelity? ›
Protecting your assets
With our Customer Protection Guarantee, we reimburse you for losses from unauthorized activity in your accounts. We also participate in asset protection programs such as FDIC and SIPC to help provide the best service possible.
Is Fidelity a safe company to invest with? Yes, Fidelity is one of the safest brokerages to invest with. It's an industry leader with a stellar reputation and fully regulated in the U.S. with the SEC and FINRA, is trusted by over 43 million people and holds over $11.5 trillion in assets under administration.
Is Fidelity financially stable? ›
Fidelity Investments had another year of strong financial performance spurred by robust customer and account growth. The company had outstanding operating performance in each of its major lines of business—retail brokerage, wealth management, workplace benefits, asset management, and clearing and custody.
Is Fidelity no longer FDIC insured? ›
Fidelity is not a bank and brokerage accounts are not FDIC-insured, but uninvested cash balances are eligible for FDIC insurance. Balances above $5 million may be placed in a non-FDIC insured money market fund, which earns a different rate. See details in Learn more section below.
Are my stocks safe on Fidelity? ›
Insurance protection for your investments.
You should be aware that your brokerage account, which is maintained with Fidelity, is afforded protection by the Securities Investor Protection Corporation (SIPC). Securities in accounts carried by NFS are protected up to $500,000 in accordance with SIPC.
What happens to my investments if Fidelity goes bust? ›
The Securities Investor Protection Corporation (SIPC) is a nonprofit organization that protects stocks, bonds, and other securities in case a brokerage firm goes bankrupt and assets are missing. The SIPC will cover up to $500,000 in securities, including a $250,000 limit for cash held in a brokerage account.
How do I know if I was a victim of data breach? ›
One of the best ways to check if you have been hacked is to enter your email into a number of data breach websites that track breaches and verify them as genuine. The websites will tell you if your email and associated passwords were part of any known data breaches.
What happens if Fidelity account is hacked? ›
Fidelity will determine the type and amount of reimbursem*nt, including whether to replace the securities in your account that were taken, and may seek restitution for reimbursem*nts made under this guarantee from the person(s) or entity that committed the unauthorized activity.
Has there been a data breach at Fidelity? ›
Fidelity Investments has disclosed a data breach that impacted more than 28,000 customers.
