Recently, Certified Title Corporation (“Certified Title”) confirmed that certain consumer data in the company’s possession was compromised as the result of a ransomware attack on the company’s cloud hosting services provider.
If you received a data breach notification, it is essential you understand what is at risk. More about our investigation into this breach, and what you can do if your data was stolen, is available here.
Last year, 1,862 data breaches affected more than 189 million people. On average, victims of identity theft spend 200 hours and over $1,300 recovering their identity. Many victims also suffer emotional distress, credit damage, and may even end up with a criminal record. Taking immediate action is the best way to prevent the worst consequences of a data breach.
What We Know So Far About the Certified Title Corporation Data Breach
According to an official filing by the company, on July 16, 2021, Cloudstar was targeted in a ransomware attack. As a result of the cyberattack, hundreds of title companies, including Certified Title, were unable to access their computer networks. In response, Certified Title began an investigation to determine if any information entrusted to the company was compromised as a result of the incident.
Despite what Certified Title describes as Cloudstar’s reluctance to assist in identifying the exfiltrated data, on January 26, 2022, Certified Title was eventually able to confirm that certain personal information from the company’s network was leaked onto the dark web.
Upon learning of the extent of the security breach, Certified Title Corp. then reviewed the affected files to determine what information was compromised. While the compromised information varies based on the consumer, it may include your name, mailing addresses, telephone numbers, date of birth, Social Security number, driver’s license number, credit card number, and financial account numbers.
On March 23, 2022, Certified Title Corporation began sending out data breach notification letters to all individuals whose information was compromised as a result of the recent data security incident.
Certified Title Corporation is a title company based in Owings Mills, MD and licensed in 32 states. The company performs title insurance as well as title search and settlement services to brokers, financial institutions, foreclosure attorneys, servicing providers and realtors. Certified Title Corp. employs 35 individuals and generates annual revenue of $9 million.
More About the Causes and Risks of Data Breaches
Often, data breaches are the result of a hacker gaining unauthorized access to a company’s computer systems with the intention of obtaining sensitive consumer information. While no one can know the reason why a hacker targeted Certified Title, it is common for hackers and other criminals to identify those companies believed to have weak data security systems or vulnerabilities in their networks.
Once a cybercriminal gains access to a computer network, they can then access and remove any data stored on the compromised servers. While in most cases a company experiencing a data breach can identify which files were accessible, there may be no way for the company to tell which files the hacker actually accessed or whether they removed any data.
While the fact that your information was compromised in a data breach does not necessarily mean it will be used for criminal purposes, being the victim of a data breach puts your sensitive data in the hands of an unauthorized person. As a result, you are at an increased risk of identity theft and other frauds, and criminal use of your information is a possibility that should not be ignored.
Given this reality, individuals who receive a Certified Title Corporation data breach notification should take the situation seriously and remain vigilant in checking for any signs of unauthorized activity. Businesses like Certified Title are responsible for protecting the consumer data in their possession. If evidence emerges that Certified Title failed to adequately protect your sensitive information, you may be eligible for financial compensation through a data breach lawsuit.
What Are Consumers’ Remedies in the Wake of the Certified Title Data Breach?
When customers decided to do business with Certified Title, they assumed that the company would take their privacy concerns seriously. And it goes without saying that consumers would think twice before giving a company access to their information if they knew it wasn’t going to be secure. Thus, data breaches such as this one raise questions about the adequacy of a company’s data security system.
When a business, government entity, non-profit organization, school, or any other organization accepts and stores consumer data, it also accepts a legal obligation to ensure this information remains private. The United States data breach laws allow consumers to pursue civil data breach claims against organizations that fail to protect their information.
Of course, given the recency of the Certified Title Corporation data breach, the investigation into the incident is still in its early stages. And, as of right now, there is not yet any evidence suggesting Certified Title is legally responsible for the breach. However, that could change as additional information about the breach and its causes is revealed.
If you have questions about your ability to bring a data breach class action lawsuit against Certified Title Corporation, reach out to a data breach attorney as soon as possible.
What Should You Do if You Receive a Certified Title Corporation Data Breach Notification?
If Certified Title Corporation sends you a data breach notification letter, you are among those whose information was compromised in the recent breach. While this isn’t a time to panic, the situation warrants your attention. Below are a few important steps you can take to protect yourself from identity theft and other fraudulent activity:
Identify What Information Was Compromised: The first thing to do after learning of a data breach is to carefully review the data breach letter sent. The letter will tell you what information of yours was accessible to the unauthorized party. Be sure to make a copy of the letter and keep it for your records. If you have trouble understanding the letter or what steps you can take to protect yourself, a data breach lawyer can help.
Limit Future Access to Your Accounts: Once you determine what information of yours was affected by the breach, the safest play is to assume that the hacker orchestrating the attack stole your data. While this may not be the case, it’s better to be safe than sorry. To prevent future access to your accounts, you should change all passwords and security questions for any online account. This includes online banking accounts, credit card accounts, online shopping accounts, and any other account containing your personal information. You should also consider changing your social media account passwords and setting up multi-factor authentication where it is available.
Protect Your Credit and Your Financial Accounts: After a data breach, companies often provide affected parties with free credit monitoring services. Signing up for the free credit monitoring offers some significant protections and doesn’t impact any of your rights to pursue a data breach lawsuit against the company if it turns out they were legally responsible for the breach. You should contact a credit bureau to request a copy of your credit report—even if you do not notice any signs of fraud or unauthorized activity. Adding a fraud alert to your account will provide you with additional protection.
Consider Implementing a Credit Freeze: A credit freeze prevents anyone from accessing your credit report. Credit freezes are free and stay in effect until you remove them. Once a credit freeze is in place, you can temporarily lift the freeze if you need to apply for any type of credit. While placing a credit freeze on your accounts may seem like overkill, given the risks involved, it’s justified. According to the Identity Theft Resource Center (“ITRC”), placing a credit freeze on your account is the “single most effective way to prevent a new credit/financial account from being opened.” However, just 3% of data breach victims place a freeze on their accounts.
Regularly Monitor Your Credit Report and Financial Accounts: Protecting yourself in the wake of a data breach requires an ongoing effort on your part. You should regularly check your credit report and all financial account statements, looking for any signs of unauthorized activity or fraud. You should also call your banks and credit card companies to report the fact that your information was compromised in a data breach.
Below is a copy of the initial data breach letter issued by Certified Title Corporation:
I am writing to inform you about a recent IT incident that may affect the security of your personal information. Certified Title Corporation is a licensed title agent that used a company called Cloudstar as its cloud hosting services provider. Cloudstar had an IT incident. At present, there is no evidence that any of the personal information on Cloudstar’s system was misused in any way. However, in an abundance of caution, we want to notify you of the IT incident and offer you the resources discussed below. We take this incident seriously, and as such, are providing you with information and access to resources so that should you feel it is appropriate to do so, you can protect your personal information.
What Happened? On July 16, Cloudstar, one of the largest providers of IT security solutions and cloud hosting services to the U.S. title insurance industry, experienced a malicious ransomware attack. As a result of Cloudstar’s ransomware attack, hundreds of title companies, including Certified Title, were left completely locked out of their IT environments and digital information. Upon discovery, – Certified Title immediately secured its environment and launched an investigation to determine the scope and extent of Cloudstar’s breach on any of Certified Title’s information. Unfortunately, Cloudstar was not immediately forthcoming with this information, and there was no mechanism by which Certified Title could retrieve the information independently. Inevitably, on October 11, 2022, Cloudstar wrote a letter to Certified Title stating that some of Cloudstar’s information was exfiltrated in the breach. Certified Title demanded that Cloudstar review the exfiltrated data and notify any affected person, but Cloudstar refused. Accordingly, Certified Title requested a copy of the exfiltration data, so that Certified Title could notify any affected persons. Cloudstar did not comply with Certified Title’s request until December 15, 2021. Immediately upon retrieval, Certified Title began its ingestion and review of the documents. On January 26, 2022, the investigation confirmed that Cloudstar’s breach caused Personal Information to be leaked onto the dark web. The Certified Title analyzed the information provided by Cloudstar and it was determined that the leaked data contained your personal information.
What Information Was Involved? The data that was subject to unauthorized access was different in individual cases, however, in general the data may have contained names, mailing addresses, telephone numbers, date of birth, Social Security number, and, in some instances, driver’s license number, and/or credit card/financial account numbers.
What Are We Doing? We take the security of sensitive information very seriously. Upon discovery of this incident, Certified Title immediately secured its systems and took all possible steps to secure personal information. Cloudstar has stated that the problem has been remediated and that their IT systems are operating securely. In addition to conducting a thorough investigation into the incident with the help of a qualified third-party specialist, we implemented additional safeguards and security measures to enhance the privacy and security of information in our systems.
We also want to make sure you have the information you need so that you can take steps to help protect yourself and your identity. We encourage you to remain vigilant and to regularly review and monitor relevant account statements and credit reports and report suspected incidents of identity theft to local law enforcement, your state’s Attorney General, or the Federal Trade Commission (the “FTC”). We have included more information on these steps in this letter.
Complimentary Identity Protection and Credit Monitoring Services
Because of the potential release of private information, we are offering you services provided by Cyberscout, a company specializing in fraud assistance and remediation services.
Representatives are available for 90 days from the date of this letter, to assist you with questions regarding this incident, between the hours of 8:00 am to 8:00 pm Eastern time, Monday through Friday, excluding holidays. Please call the helpline 1-844-517-0763 and supply the fraud specialist with your unique code listed below. To extend these services, enrollment in the monitoring services described below is required.
Additionally, we are providing you with access to Single Bureau Credit Monitoring/Single Bureau Credit Report/Single Bureau Credit Score/Cyber Monitoring services at no charge for twelve months from the date of enrollment.
Upon your completion of the enrollment process, you will have access to the following features:
Access to a credit report with credit score. A credit report is a snapshot of a consumer’s financial history and primary tool leveraged for determining credit-related identity theft or fraud.
Credit monitoring alerts with email notifications to key changes on a consumer’s credit file. In today’s virtual world, credit alerts are a powerful tool to protect against identity theft, enable quick action against potentially fraudulent activity, and provide overall confidence to potentially impacted consumers.
Dark Web Monitoring to provide monitoring of surface, social, deep, and dark websites for potentially exposed personal, identity and financial information in order to help protect consumers against identity theft.
Identity theft insurance of up to $1,000,000 in coverage to protect against potential damages related to identity theft and fraud
Assistance with reading and interpreting credit reports for any possible fraud indicators.
Assistance with answering any questions individuals may have about fraud.
How do I enroll for the free services?
To enroll in Credit Monitoring* services at no charge, please log on to https://www.myidmanager.com and follow the instructions provided. When prompted please provide the following unique code to receive services: l0k9ih63ny0v. In order for you to receive the monitoring services described above, you must enroll within 90 days from the date of this letter.
The enrollment requires an internet connection and an email account, and services may not be available to minors under the age of 18 years of age. When signing up for monitoring services, you may be asked to verify personal information for our own protection to confirm your identity.
Again, this protection is being offered at no cost to you, but you must use Cyberscout’s website (included above) to activate your protection.
What Else Can You Do? In addition to enrolling in the complimentary credit monitoring services being offered, you can review the enclosed Steps You Can Take to Protect Your Information for additional information on how to protect against identity theft and fraud.
On behalf of Certified Title, we are genuinely sorry this incident occurred and apologize for any inconvenience this matter may cause you. We can assure you that we are doing everything we can to protect you and your information, now and in the future. If you have questions about this notice or this incident, or require further assistance, you can reach us at 1-844-517-0763 between the hours of 8:00 a.m. and 8:00 p.m. (ET), excluding holidays. Representatives are available for 90 days.