alphv attacks North View Escrow Corp
Incident Date:
March 24, 2022
Overview
Title
alphv attacks North View Escrow Corp
Victim
North View Escrow Corp
Attacker
Alphv
Location
First Reported
March 24, 2022
Ransomware Attack on North View Escrow Corp
North View Escrow Corp, a prominent entity in the real estate sector based in Greenville, South Carolina, recently fell victim to a ransomware attack orchestrated by the group ALPHV, also known as BlackCat. The cyberattack specifically targeted the company's online presence, leading to significant disruptions.
As a subsidiary within the expansive Fidelity National Financial (FNF) network, the largest title insurer in the nation, North View Escrow Corp is associated with key industry players such as mortgage loan subservicer LoanCare and 1031 exchange facilitator IPX1031. Despite the gravity of the situation, FNF has remained silent on the matter since the ransomware group ALPHV publicly claimed responsibility for the attack on November 22, 2023.
This incident is indicative of a larger pattern of ransomware attacks that have been increasingly affecting various sectors including financial services, education, transportation, and government entities. In response to the escalating threat, the FBI and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) released a cybersecurity advisory on November 21. The advisory highlights the exploitation of a software vulnerability by several ransomware groups, including LockBit 3.0 and its affiliates.
Ransomware attacks involve the deployment of malicious code that encrypts a victim's data, which is then held hostage until a ransom is paid. In the scenario involving North View Escrow Corp, unauthorized access to the company's systems led to significant operational disruptions. Although the specific vulnerability exploited in this attack has not been disclosed, the successful breach by ALPHV suggests a critical weakness in the company's cybersecurity defenses.
The attack underscores the imperative for organizations to enhance their cybersecurity posture and remain vigilant against ransomware threats. Implementing comprehensive cybersecurity measures is essential for safeguarding systems and sensitive data from such malicious activities.
Sources
- WNCT: City of Greenville bouncing back from ransomware attack
- Inman: Nation's biggest title insurer hit by ransomware attack, reports say
- Pcmatic: North Carolina City Became Attacker's Newest Ransomware Target
- WCTI12: City of Greenville says it has resolved ransomware attack without having to pay
- SC Media: Ransomware knocks Greenville, N.C. offline
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.