Login
iscover
Hackers have allegedly breached a Sydney real estate agency, posting a sample of stolen tenant and agent data online – while threatening to release more over coming days.
Hackers on the dark web claim to have breached Sydney-based The Property Business and are threatening to release the data within a week.
The Property Business Australia is a real estate business specialising in corporate and executive rentals.
The company said it works alongside “exclusive corporate clients including relocation agencies, human resource departments, apartment services, government agencies and the consular industry”.
The Property Business was listed on the dark web overnight (16 September), with claims that business and personal data had been exfiltrated and that it would be released in a week’s time.
On the listing, the hacking group posted a sample of the stolen data, which contained scans of tenancy agreements, salary increase documentation, partial credit card scans, and the passport and licence scans of both tenants and agents.
Within this are full names, birth dates and locations, credit card numbers, tenancy agreement details such as the length of time spent at an address, signatures, and more.
Many details in the sample have been censored by the threat actors, but include addresses, phone numbers, email addresses and additional credit card information like expiry dates.
The Property Business Australia declined to comment on the matter.
The hacking group claiming responsibility for the alleged attack said that it gives victims seven days to respond to its demands.
Once that deadline passes, Kairos will publish the stolen data.
“If the situation remains unresolved after seven days, we will notify your partners, competitors, and customers and then publish your data in full,” Kairos said on its Rules page.
“This could lead to legal actions, termination of contracts, reputational damage, stock value drops, and potential closure of your organisation.”
The group’s ransom note said that Kairos is not politically motivated, and only seeks financial gain.
“The PUBLICATION of THIS DATA will lead to DISASTROUS CONSEQUENCES for your business,” the note read.
“We will also attack your partners and suppliers using info obtained from your network.
“It can lead to legal actions against you for data breaches.
“If you will not contact us in a timely manner we will start notifying your employees, clients, partners, subcontractors and any other persons that should know how you treat your own corporate secrets and theirs.”
[You might also like - Australia’s largest home builder confirms cyber attack]
You are not authorised to post comments.
Comments will undergo moderation before they get published.