Knight Barry Title Inc. recently provided notice of a cybersecurity incident that may impact some consumer data.
The notice states, “On Aug. 15, 2023, Knight Barry discovered some suspicious activity on our computer network and that certain files were encrypted with malware. Upon discovery of this activity, Knight Barry took immediate steps to ensure the security of the network and restore the systems. Systems were restored and brought back online by Aug. 17. Knight Barry also launched an investigation into the nature and scope of the event. The investigation determined that between July 25, and Aug. 15, an unauthorized actor gained access to Knight Barry systems and may have accessed or acquired data on certain systems.”
Craig Haskins, president and CEO, Knight Barry, noted that systems were restored without delaying a closing or preventing delivery of a title order.
“As part of our response to the event, we conducted a comprehensive review of the data that may have been impacted and moved quickly to notify individuals identified in the review,” Haskins said. “At this time, there are no indications of misuse of the data as a result of this event.
“A very small number of individuals in relation to the number of individuals we serve each year were affected,” Haskins continued. “We are not aware of any actual or attempted misuse of consumer information and, out of an abundance of caution, we provided some potentially impacted individuals with an overview of the event, our response, and resources to help further protect their information should they feel it necessary to do so.”
According to the Texas Attorney General’s office Data Security Breach Reports, 487 Texans were affected.
Knight Barry’s review concluded that individuals’ names, Social Security numbers, financial account information, and/or government-issued identification information may have been affected, according to the notice. It said there is no evidence of misuse of information as a result of the event.
“Knight Barry takes this event and the security of information in our care very seriously,” the notice stated. “Upon learning of the event, we moved quickly to respond, securely restore our systems, assess the security of our network, and investigate the event. Knight Barry also reported this event to law enforcement and notified relevant regulators, as required. As part of our ongoing commitment to information security, we reviewed our policies, procedures, and security tools, and updated our employee training program, to reduce the risk of a similar event from occurring in the future.”
Knight Barry is also offering complimentary credit monitoring through IDX to those affected by the event.
“We learned that having an amazing multi-location backup system and a knowledgeable IT staff was critical to getting back up and running in a very short period of time,” Haskins stated. “Further we saw the true value and importance of EDR (end point detection and response) and MDR (managed detection and response) to detect threats, pull affected systems offline and isolate any nefarious activity.
“For others who either have been affected or will be affected, because in today’s environment when is probably a more accurate word than if, we would suggest pretending that you are experiencing a cyber incident – what would you do if all of your systems were offline?” he continued. “Do you have adequate backups to restore data? Who would you call do you have a core team of executives to take the helm? Do you have cyber insurance which includes an incident response team (and if so, who will contact that team)? What about your customers how do you keep transactions going? Do you have a friendly competitor that would be willing to help to preserve consumer confidence in the title and settlement industry? And then once you are back up and running, how do you become stronger, safer and more secure in this ever-changing cyber world?”