UK estate agency Foxtons hacked

August 23rd, 2013 by admin Leave a reply »

Famous UK estate agency Foxtons had to reset passwords of all its customers as a precaution, as it appeared hackers lifted thousands of clients’ usernames and passwords from the systems.

Hackers claimed to have leaked online user names, email addresses and passwords of nearly 10,000 Foxtons’ customers, resulting in a big data breach incident.

All the details were quickly leaked but assumptions were that the copies were made before this happened. The hackers failed to pull out credit card or bank details but they still gathered enough information of customers.

Writing to the affected customers, Foxtons said it was investigating the purported hack. In the meantime it had reset user passwords as a precaution.

Foxtons have been able to download the list of usernames and passwords that were posted and are currently running checks to determine its accuracy. They also assured all its customers that any sensitive information that they may have provided in relation to payments made through Foxtons is completely secure with the external payment providers.

However, immediate precautions had been taken to safeguard the accounts and an investigation was in progress. The affected customers will be contacted directly contacted by Foxtons’ team.

Foxton had also asked its customers to create new password once they login.

When Foxtons’ representative was asked whether the company salted stored passwords, a basic security practice, they declined to comment on any aspects of the incident and said that it may decide to issue a statement at some point.

“Tighter regulation might be needed to stem the growing list of data breaches. The recent spate of high-profile data breaches, such as this alleged attack on Foxtons, is evidence that organisations are either not taking cyber security seriously or are bewildered by the problem. Regulation in this case is a necessity to alter corporate behaviour.” said Ross Parsell, director of cyber security at Thales UK.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta

Leave a Reply