American Land Title Association Suffers Data Breach Compromising Over 600 Company Records

Cyware Labs
Jul 8 · 2 min read
  • The files obtained from the hacker contained almost 600 data entries for title and non-title companies.
  • The data included domain identification, IP addresses, usernames, and passwords.

The American Land Title Association (ALTA) suffered a data breach compromising hundreds of company records in a phishing campaign.

ALTA is the U.S. national trade association representing nearly 6000 title insurance companies, title and settlement agents, independent abstracters, title searchers, and real estate attorneys.

What happened?

An ethical hacker contacted ALTA via twitter and provided files that contained company records. Upon which, ALTA’s IT department begun analyzing the records obtained from the hacker.

The land title association is planning to implement an information security program and response plan in order to protect the companies’ data and systems from data theft and leaks.

“There is no indication the data comes from a specific system breach. There are no signs that the credentials are still active or how they were obtained. We believe this person is also contacting individuals and companies they can identify from the data,” the national trade association said.

What information was compromised?

The files obtained from the hacker contain almost 600 data entries for title and non-title companies. The data included domain identification, IP addresses, usernames, and passwords.

What can you do to protect yourself?

  • ALTA recommends the potentially impacted companies to monitor their systems for unauthorized access, and in case of any suspicious access immediately alert their IT departments.
  • The national trade association also recommends reporting any suspicious emails to the Federal Bureau of Investigation Internet Crime Complaint Center.

The association also suggested some steps to protect company systems which includes:

  • Scanning all the systems and devices for malware.
  • Updating or patching the installed software and operating systems.
  • Requiring company staff to update and change system passwords, especially those containing customer information and banking services.

Originally published at cyware.com on July 8, 2019.

Cyware Labs

Cyware Labs is a product-based cybersecurity provider from New York, USA. Our products enable organizations to develop proactive cyber defense capabilities, effectively leverage cyber threat intelligence, and quickly respond to threats with security orchestration and automation.

Cyware Labs

Written by

We are a product-based #cybersecurity provider with leading solutions to strengthen #SituationalAwareness, #ThreatIntelligence, #CyberFusion and #ThreatResponse

Cyware Labs

Cyware Labs is a product-based cybersecurity provider from New York, USA. Our products enable organizations to develop proactive cyber defense capabilities, effectively leverage cyber threat intelligence, and quickly respond to threats with security orchestration and automation.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade