cheers attacks An Insurance Company -Paid

Incident Date:

August 9, 2022

World map



cheers attacks An Insurance Company -Paid


An Insurance Company -Paid




Wyndham St, Hong Kong

Central, Hong Kong

First Reported

August 9, 2022

First American Mortgage Solutions Targeted by Ransomware Group Cheers

Company Overview

First American Mortgage Solutions, a subsidiary of First American Financial Corporation, has been targeted by the ransomware group Cheers. The attack was announced on the group's dark web leak site. First American Mortgage Solutions is a leading provider of title insurance, specialty insurance, and real estate-related services, known for its digital transformation and consumer enablement across the loan spectrum. Their offerings encompass a wide range of services including data, analytics, valuations, title, settlement, document creation and management, risk mitigation, and default services.

Industry Standout

As a notable entity in the insurance sector, First American Mortgage Solutions distinguishes itself by delivering a comprehensive suite of services tailored to the mortgage industry's unique requirements. Their innovative solutions are designed to simplify the loan process and equip lenders with critical insights for making informed decisions. This focus on innovation and customer satisfaction has solidified their position as a preferred provider in the mortgage industry.


The recent ransomware attack on First American Mortgage Solutions brings to light the vulnerabilities faced by many organizations in the digital era. Cybercriminals often target entities with valuable data or those heavily dependent on digital infrastructures. Although the specific vulnerability exploited in this attack has not been disclosed, it serves as a critical reminder for all organizations to uphold stringent cybersecurity practices to fend off such threats.

Impact of the Attack

This ransomware attack has significantly disrupted First American Mortgage Solutions' operations, leading to potential financial and reputational damages. The demand for a ransom in exchange for decryption keys further exacerbates the financial strain on the company. This incident highlights the imperative need for organizations to prioritize cybersecurity and adopt comprehensive measures to mitigate the risk of ransomware attacks.


  • First American - Title Insurance, Specialty Insurance, and Real Estate-Related Services | First American
  • Ransomware Insurance Claims From Businesses Hit Historic High - Forbes
  • Ransomware attack on U.S. health care payment processor 'most serious incident of its kind leveled against a U.S. health care organization' - NBC News
  • After failed ransomware attack, hackers stole data on 533k people from Wisconsin insurance company - The Record
  • Cyberattack on insurance giant disrupting business for doctors, therapists - CNN
  • Health insurance company allegedly paid $22M to recover data after ransomware attack - Reuters

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.