LandMark White hacked data sat on dark web for 10 days
18 February 2019, Written by David Simmons
Property valuer LandMark White (ASX: LMW) has resumed trading this morning after investigating a serious data breach that occurred some time in December 2018.
The company entered into a trading halt on Friday after major banks suspended important contracts.
The Commonwealth Bank, National Australia Bank and ANZ have all suspended contacts with the valuer and are working closely with LMW and affected customers to investigate the breach and ensure customer data is protected.
On late Friday afternoon LMW provided the most comprehensive update into the data breach so far.
According to the company, on 23 January 2019 LMW closed off a security vulnerability which had been previously identified in one of its valuation platforms.
The breached dataset contained property valuation and some personal contact information of borrowers, lenders, homeowners, residents, and property agents.
Approximately 137,500 unique records and approximately 1,680 supporting documents were accessed in the hack.
Whoever is responsible for the cybercrime is still unknown to LandMark White and authorities, however an unknown third party posted the dataset on a dark web forum around 11.57pm GMT on 31 January 2019. The data was sitting there for ten days before being taken down on February 10.
Loan application details (including financial and identity documents) were not included in the dataset that was breached. The company also confirmed that no date of birth records, personal bank account details, payment or credit card details, username and password details were part of the vulnerable dataset.
There also is a smaller subset of supporting documents leaked that were relevant to the valuation assessment contained in the data set, such as contracts for the sale of land, council rates and strata reports.
LMW says that so far there is no evidence of misuse of any leaked personal information.
The company says it first became aware of the breach on 4 February 2019, however the company has revealed that there were signs of the hack in the weeks before.
On 30 December 2019 the company received a message through the live chat messaging service on its website providing the company with a link to the dark web forum where its leaked data was being hosted.
"As part of our standard operating procedure, we investigated this and as we could not access the dark web link provided, at that time this was discounted as spam," says LMW.
The company also separately received a post from a user on Twitter alerting the company about its data being hosted on the dark web.
"Our Twitter account was not actively monitored over the holiday period, and we have only recently become aware of it," says LMW.
"Had we been aware of the full extent of the incident any sooner we would have immediately shut down access to the exposed programming interface. We sincerely regret that we did not act sooner and accept full responsibly for not having done so."
LMW has notified the Office of the Australian Information Commissioner and is working closely with affected corporate partners to investigate the incident.
The valuer says it has reached out to customers that are potentially at risk as a result of the data breach, specifically those who lodged valuation requests with LandMark White during the period 4 January 2011 and 23 January 2019.
Shares in LandMark White were down 10.58 per cent to $0.37 per share at close of market.
Business News Australia
Author: David Simmons