LandMark White has claimed that the data inadvertently leaked by the property valuation firm and subsequently posted on a ‘darkweb’ forum is “relatively benign”.
Earlier this month the ASX-listed company revealed details of a data breach. It subsequently entered a trading halt to assess the impact on its business, after major banks paused their use of its services.
The leaked dataset “was limited to property valuation and some personal contact information of borrowers, lenders, homeowners, residents, and property age,” the company said in a statement released today.
“The type of information present in the dataset varies from person to person and includes some or all of the following: first and last name, residential and/or business address, email address and contact telephone number. The dataset also includes commentary about the property, relevant to its overall valuation.”
The company says it has seen “no evidence of misuse of any personal information”.
LMW said it anticipated that those corporate partners that had suspended their use of the company’s services would lift those suspensions “over the coming days” and that valuation workflows “will return to more normal levels by the end of the month”.
The company said it is still assessing the financial impact of the incident.
In an update to individuals affected by the breach, LMW said it recommended that “all potentially impacted individuals remain vigilant against a potential risk of receiving phishing and other spam communications from organisations purporting to be LandMark White or one of our lending clients.”
LMW said it is working with the Australian Cyber Security Centre and the Office of the Information Commissioner as well as cyber security consultants to make sure that client information and the company’s network is secure.
The company says it closed the security vulnerability responsible for the breach on 23 January. However, subsequent to that the darkweb forum post made the data available for at least 10 days.