LandMark White suspended from trading after client backlash
Written on the 19 February 2019 by David Simmons
LandMark White (ASX: LMW) has been suspended from trading on the ASX as the fallout from the data breach that saw company information leaked onto the dark web for ten days continues to develop.
Late last week The Commonwealth Bank, NAB, and ANZ confirmed that they had suspended their contracts with LandMark White in order to investigate the extent of the breach.
The company says that it will be suspended from trading for at least two to four weeks until it is able to provide the market with accurate information relating to the financial impact of the data breach incident.
LMW says a "significant number" of clients have suspended their contracts with the company which is impacting revenues, profitability, and cashflow.
The group also says that continued public commentary is making it difficult for the company to trade LMW securities whilst it continues to investigate the breach.
"At this point in time we are unable to ascertain when these clients will reinstate LMW and hence when LMW will be in a position to assess with any certainty the financial impact of the incident," says LMW in its statement to the ASX.
HOW DID WE GET HERE?
On late Friday afternoon LMW provided the most comprehensive update into the data breach so far.
According to the company, on 23 January 2019 LMW closed off a security vulnerability which had been previously identified in one of its valuation platforms.
The breached dataset contained property valuation and some personal contact information of borrowers, lenders, homeowners, residents, and property agents.
Approximately 137,500 unique records and approximately 1,680 supporting documents were accessed in the hack.
Whoever is responsible for the cybercrime is still unknown to LandMark White and authorities, however an unknown third party posted the dataset on a dark web forum around 11.57pm GMT on 31 January 2019. The data was sitting there for ten days before being taken down on February 10.
Loan application details (including financial and identity documents) were not included in the dataset that was breached. The company also confirmed that no date of birth records, personal bank account details, payment or credit card details, username and password details were part of the vulnerable dataset.
There also is a smaller subset of supporting documents leaked that were relevant to the valuation assessment contained in the data set, such as contracts for the sale of land, council rates and strata reports.
LMW says that so far there is no evidence of misuse of any leaked personal information.
The company says it first became aware of the breach on 4 February 2019, however the company has revealed that there were signs of the hack in the weeks before.
On 30 December 2019 the company received a message through the live chat messaging service on its website providing the company with a link to the dark web forum where its leaked data was being hosted.
"As part of our standard operating procedure, we investigated this and as we could not access the dark web link provided, at that time this was discounted as spam," says LMW.
The company also separately received a post from a user on Twitter alerting the company about its data being hosted on the dark web.
"Our Twitter account was not actively monitored over the holiday period, and we have only recently become aware of it," says LMW.
"Had we been aware of the full extent of the incident any sooner we would have immediately shut down access to the exposed programming interface. We sincerely regret that we did not act sooner and accept full responsibly for not having done so."
LMW has notified the Office of the Australian Information Commissioner and is working closely with affected corporate partners to investigate the incident.
Business News Australia
Author: David Simmons