First American, a leading insurance provider headquartered in Santa Ana, California, has confirmed a data breach that exposed the personal information (PII) of over 44,000 customers.
News of the incident first emerged in late December 2023, when the company's website went offline. While initial reports suggested a cyberattack, details remained scarce. Subsequently, First American filed a mandatory notification with the Securities and Exchange Commission (SEC) acknowledging the potential compromise of customer data.
On May 28, 2024, the company concluded its investigation, revealing that the incident involved a ransomware attack and that the data of over 44,000 individuals was accessed without authorization.