On Friday Title industry software and consulting provider was hit by a ransomware attack. Cloudstar operates 6 data centers and supports over 40,000 customer users. Now those customers are wondering what are they going to do.
Cloudstar users who close real estate sales are dependent on Cloudstar’s systems being up.
Cloudstar has been down since Friday. Their CEO says he doesn’t know when the systems will be back operational.
Cloudstar’s customers are scrambling today to be able to close loans.
In the meantime Cloudstar has brought in third party experts to help them.
While it is possible that Cloudstar was specifically targeted as suggested in a Housing Wire article, no one knows if that is true or not. It is certainly possible that there were just another random victim after an employee clicked on a malicious link.
This particular software is core to the title business so it is not like a title company can do a Google search and replace it. Cloudstar’s competing service providers are circling like vultures, offering free setup and who knows what else, but the problem is that the companies that use Cloudstar’s services do not have access to the forms and client data that lives on Cloudstar’s platform, which is now encrypted. Credit: ALTA
Title companies who are affected by this attack likely must report this to their regulator as the assumption by the federal government is that ransomware equals data compromise. They also likely have to tell customers that their loan or other data may have been compromised.
Some of Cloudstar’s customers may go out of business, depending on how long Cloudstar is down. It could anywhere from a few days to a month. Or more.
In helping our clients respond to Fannie Mae audits (MORA), Fannie seems to be much more interested in regulated entitys’ ability to respond to a ransomware attack and continue to support their customers. This is yet another concern that companies need to be concerned about.
But take a step back from from the specifics of this supply chain attack. You likely have vendors that are critical to your business and which are also a single point of failure that cannot be easily or quickly replaced. Given the number of ransomware and other cyber breach attacks against service providers, companies need to prepare themselves for the possibility that they will be in the same boat as the customers of Cloudstar are today. The alternative is that you lose access to your data, your business comes to a complete standstill, you have to report to regulators and customers that you lost control of your data and potentially, face significant expenses.
Are you ready?
Additional info credit: The Title Report