Industry Letter


Date: December 27, 2023

To: Chief Information Security Officers

Subject: First American Financial & Email Vigilance


While you may already be aware of the cybersecurity incident impacting First American Financial Corporation (First American), the New York State Department of Financial Services (DFS) brings to your attention a related warning issued by First American regarding emails from its systems.

On December 21, First American announced it had discovered unauthorized activity on certain of its information technology systems. First American further reports that it has isolated its systems, including its email server, and warns from its update site (www.firstamupdate.com) that, at this time, “any recipient of an email purporting to be from First American, First American Title or from FirstAm.com should be vigilant about cybersecurity risks and avoid clicking on unknown or suspect links.”

Now and always, it is important to remind personnel to remain cautious and vigilant when handling emails containing links and attachments as these may carry malicious payloads or lead users to malicious websites.

Take care, be vigilant, and have a safe holiday season.