Foxtons clients’ data being ‘sold on dark web’
A report by the i newspaper suggested that details of more than 16,000 credit and debit cards, as well as address and private correspondence, are now freely accessible to potential scammers, with the files viewed more than 15,000 since they were published three month ago.
Foxtons was hit by a malware attack last October, though the firm maintains that only Alexander Hall, its mortgage broking business, was affected and that no sensitive data had been stolen.
It subsequently reported itself to the Information Commissioner’s Office.
However, now the i has alleged that the firm was informed that its customers’ details were available on the dark web in January, but has failed to take any action.
Some details of customers from before 2010 have been posted on the dark web and are freely available, according to the paper, but the hackers have warned that this represents just 1% of the details they have in their possession. They have claimed that they are selling on the more recent details to potential fraudsters.
‘Customers are safe’
In a statement, Foxtons emphasised that it did not believe the attack last year had exposed any sensitive data from customers.
The firm said: “Alexander Hall, Foxtons’ mortgage broking business, was subject to a malware attack in October 2020 that affected a number of other organisations.
“Some IT systems were affected for several days but were restored without significant disruption to customers. All necessary disclosures have been made and full details of the attack were provided to the FCA and ICO at the time.
“We are satisfied that the attack did not result in the loss of any data that could be damaging to customers and believe that the FCA and ICO are satisfied with our response.”