alphv attacks North View Escrow Corp

Incident Date:

March 24, 2022

World map

Overview

Title

alphv attacks North View Escrow Corp

Victim

North View Escrow Corp

Attacker

Alphv

Location

Easley, USA

South Carolina, USA

First Reported

March 24, 2022

Ransomware Attack on North View Escrow Corp

North View Escrow Corp, a prominent entity in the real estate sector based in Greenville, South Carolina, recently fell victim to a ransomware attack orchestrated by the group ALPHV, also known as BlackCat. The cyberattack specifically targeted the company's online presence, leading to significant disruptions.

As a subsidiary within the expansive Fidelity National Financial (FNF) network, the largest title insurer in the nation, North View Escrow Corp is associated with key industry players such as mortgage loan subservicer LoanCare and 1031 exchange facilitator IPX1031. Despite the gravity of the situation, FNF has remained silent on the matter since the ransomware group ALPHV publicly claimed responsibility for the attack on November 22, 2023.

This incident is indicative of a larger pattern of ransomware attacks that have been increasingly affecting various sectors including financial services, education, transportation, and government entities. In response to the escalating threat, the FBI and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) released a cybersecurity advisory on November 21. The advisory highlights the exploitation of a software vulnerability by several ransomware groups, including LockBit 3.0 and its affiliates.

Ransomware attacks involve the deployment of malicious code that encrypts a victim's data, which is then held hostage until a ransom is paid. In the scenario involving North View Escrow Corp, unauthorized access to the company's systems led to significant operational disruptions. Although the specific vulnerability exploited in this attack has not been disclosed, the successful breach by ALPHV suggests a critical weakness in the company's cybersecurity defenses.

The attack underscores the imperative for organizations to enhance their cybersecurity posture and remain vigilant against ransomware threats. Implementing comprehensive cybersecurity measures is essential for safeguarding systems and sensitive data from such malicious activities.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.