The verdict is in — the old way of doing business is over. Join us at Inman Connect New York Jan. 23-25, when together we’ll conquer today’s market challenges and prepare for tomorrow’s opportunities. Defy the market and bet big on your future.

Two days after being hit by a cyberattack, title insurance giant First American Financial said Friday it’s still trying to restore operations, warning clients that it’s taken its email system offline and to be wary of any messages that are supposedly from the company.

“First American’s email system has been taken offline,” the company announced Friday afternoon. “Any recipient of an email purporting to be from First American, First American Title or from FirstAm.com should be vigilant about cybersecurity risks and avoid clicking on unknown or suspect links.”

The notice was posted at 1:10 p.m. Eastern time Friday on a temporary website, FirstAmUpdate.com, that First American launched this week to keep clients informed about the company’s response to a cyberattack that has disrupted the company’s operations.

In a separate notice to investors, First American said it’s “working diligently” to restore systems it took offline Wednesday and to resume normal operations as soon as possible, “but cannot estimate the duration or extent of the disruption at this time. The company has retained leading experts, is working with law enforcement and notified certain regulatory authorities.”

The nation’s second-biggest title insurer, First American also provides settlement services, data products, valuation services, mortgage subservicing, and banking and wealth management services.

It’s the latest victim in a wave of cybersecurity attacks that have disrupted computer networks at more than 1,000 businesses and government entities.

The nation’s largest title insurer, Fidelity National Financial (FNF), says it contained a security breach on Nov. 26, but has not commented on reports that the company was the target of a ransomware attack exploiting a software vulnerability in Netscaler, Citrix Bleed.

Loan servicing giant Mr. Cooper shut down its systems for four days at the beginning of November after uncovering a security breach that the company said this week may have compromised the personal information of nearly 15 million past and present customers.

Federal law enforcement officials said in an announcement this week that a ransomware group known as Blackcat, ALPHV or Noberus, has infiltrated the computer networks of more than 1,000 victims, “including networks that support U.S. critical infrastructure.”

Some victims have used a decryption tool developed by the FBI to avoid paying ransom demands totaling approximately $68 million, the U.S. Department of Justice Department said.

Get Inman’s Mortgage Brief Newsletter delivered right to your inbox. A weekly roundup of all the biggest news in the world of mortgages and closings delivered every Wednesday. Click here to subscribe.

Email Matt Carter

Show Comments Hide Comments
Sign up for Inman’s Morning Headlines
What you need to know to start your day with all the latest industry developments
By submitting your email address, you agree to receive marketing emails from Inman.
Success!
Thank you for subscribing to Morning Headlines.
Back to top
Only 3 days left to register for Inman Connect Las Vegas before prices go up! Don't miss the premier event for real estate pros.Register Now ×
Limited Time Offer: Get 1 year of Inman Select for $199SUBSCRIBE×
Log in
If you created your account with Google or Facebook
Don't have an account?
Forgot your password?
No Problem

Simply enter the email address you used to create your account and click "Reset Password". You will receive additional instructions via email.

Forgot your username? If so please contact customer support at (510) 658-9252

Password Reset Confirmation

Password Reset Instructions have been sent to

Subscribe to The Weekender
Get the week's leading headlines delivered straight to your inbox.
Top headlines from around the real estate industry. Breaking news as it happens.
15 stories covering tech, special reports, video and opinion.
Unique features from hacker profiles to portal watch and video interviews.
Unique features from hacker profiles to portal watch and video interviews.
It looks like you’re already a Select Member!
To subscribe to exclusive newsletters, visit your email preferences in the account settings.
Up-to-the-minute news and interviews in your inbox, ticket discounts for Inman events and more
1-Step CheckoutPay with a credit card
By continuing, you agree to Inman’s Terms of Use and Privacy Policy.

You will be charged . Your subscription will automatically renew for on . For more details on our payment terms and how to cancel, click here.

Interested in a group subscription?
Finish setting up your subscription
×