Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo Fidelity National Financial

Group: alphv

Discovered by ransomware.live: 2023-11-22

Estimated attack date: 2023-11-22

Country: US

Description:

Fidelity National Financial (NYSE: FNF) is the nation's largest group of title companies and underwriters in the country and, collectively, we issue more title insurance policies than anyone else in the United States.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 17

Compromised Users: 46

Third Party Employee Credentials: 32

External Attack Surface: 39


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusecomplaints markmonitor.com
  • whoisrequest markmonitor.com
MX Records
  • mxa-005b2203.gslb.pphosted.com.
  • mxb-005b2203.gslb.pphosted.com.
TXT Records
  • apple-domain-verification=vLlRmpZhe5YAKIXf
  • nulab-verification-code=W4kvcDSbztrMq4pYIZNK7BAuBtwpeSv0Oxc4dWteoFyYnZ7MeMtNAvKMafSa09eN
  • v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com -all
  • infoblox-domain-mastery=dd8e01f06e50cf8e3ea0995fcf421ed14666fe955459c9e2e6df7a403b77186788
  • docusign=dcd62b53-d383-4a84-9a08-2a12841672d8
  • _1ekhptizhf72o9wgygdt39jyr7omd5b
  • onetrust-domain-verification=29edfe9968fa4fe29c41444cf6e192ac
  • jamf-site-verification=iQFxy-rCSn-z5kFCvwmwLA
  • _xycklo920dlywyqozt6jqh3c34btp0c
  • box-domain-verification=2546bda671e45cd4256eb3eb1a36f1b037a490f319010076d8903449ac6e9339
  • atlassian-domain-verification=0QASv6mz2MFSt0guV8Af1beScMJO/EDPkXt/NHfwv/W0po/xzLmZvsYhgGicFmoA
  • YKnj3EECXkLXSUrF3RDHxTmD
  • dgmaweex/gtaichxehcjc+ry9beo7ytgj1dfk2fl+krfsp8gn5gp8/5qtnbrecyvkvamzef1tdhwrazjnlvqeg==
  • miro-verification=f187490afb4615fe7124a9e0358e297859677d35
  • docusign=53b59af3-9b0e-4db8-b634-cbf35c3ccded
  • ms=ms18681770
  • openai-domain-verification=dv-eAHl0XSyrosHGQN3dz8Xxfdi
  • atlassian-domain-verification=RST5ZxrjIdaJTu2qWaE3lwo7poC9knE8EgokUftNDVaBhsBvuoltMHIDSvCXb66s
  • yahoo-verification-key=rGE7TO75yLgDiHMEbjsQAPihbtuh+k+BerehSio0iPo=
  • google-site-verification=Oz_qPPjAq8-dNsR1HO-QiMJFAKepqSkuuX_kei3GeTc
Cloud / SaaS Services Detected
Apple Atlassian Box Microsoft 365 Miro JamF OneTrust DocuSign Proofpoint

Leak Screenshot:

Leak Screenshot