LandMark White suffers another data breach... if it wasn’t for bad luck it would have no luck at all.

May 31, 2019

LandMark White (LMW), a property valuation firm, suffered a data breach in January 2019, which was notified to the stock exchange on 5 February 2019. The data breach involved 137,500 valuation records being stolen by hackers. Some of those documents were posted on a dark web forum. As a result of the breach it lost its best customers in CBA and ANZ. Banks have long complained about weak privacy protections by many organisations and have been very concerned about the Federal Government’s push to create a Consumer Data Right with such poor privacy and security structures in place.

LMW’s shares were suspended, not resuming trading until 7 May. By then the cost to the company was estimated to be about $7 million and the Chief Executive and 2 directors left as a result.  In May LMW returned to the valuation panels of the banks.

Good news.   Until now.

LMW has now suffered what was probably an insider attack, which resulted in sensitive commercial data being posted online on SCRIBD, according to The Australian’s article “LandMark White probes fresh data breach”. That the data breach is not a repeat of the original breach and did not involve personal information is cold comfort. That an insider accessed and then stole data, and then posted it on a discussion board in the United States, is a very significant failure in data management.

This run of events shows how poor data security can cripple a company.

The Australian article provides:

Listed valuation company LandMark White has suffered another data breach.

On Thursday the company warned stakeholders that a batch of sensitive commercial data had been posted online, confirming the news first published by The Australian that a batch of documents had been posted on US-based document sharing site SCRIBD.

According to LandMark, SCRIBD had started taking documents offline. All of the data would be completely removed within the next 48 hours, it said.

In a statement to the ASX released after market closed, LandMark said that the data breach was not IT-related. The nature of the information contained in the stolen documents couldn’t be classified as a notifiable data breach under the Privacy Act, it said.

“With the assistance of our legal advisors and based on our initial review of the documents posted, we do not believe that this constitutes a notifiable data breach for the purposes of the Privacy Act 1988 and the Notifiable Data Breaches Scheme as there is limited private information contained in the documents,” it said.

“Notwithstanding this assessment, we have updated the Office of the Australian Information Commissioner of the disclosure and undertaken to keep it updated.”

In a letter seen by The Australian that was sent to stakeholders prior to the official statement, LandMark said the documents mostly comprised PDF valuation documents and other “operationally-related commercial documents of LMW”.

The latest data breach comes as LandMark looks to recover from a serious cyber intrusion in January, in which 137,500 valuation records were stolen by hackers. The stolen data subsequently twice made its way to the dark web, where hacker communities trade stolen information and hacking technology.

The company was suspended from the ASX in February and was reinstated on May 7.

According to LandMark, the documents posted on SCRIBD had not been stolen via a cyberattack.

“These documents do not appear to have been taken from LMW through an IT related security breach,” it said in its letter.

The theft “may be the deliberate work of an individual known to the LMW business”, it said.

“We are treating this very seriously and will work with law enforcement and government agencies, as necessary to confirm the circumstances of the activity.”

The company also stressed that its cyber defences had been significantly improved since the first data breach and that the “best interests of affected individuals remain protected”.

“Where possible we have been working with our external advisors and the Australian Cyber Security Centre to take materials offline,” it said.

The type of attack described by LandMark, commonly referred to as “Insider Attacks”, is a big problem in the information security world. A recent report from US telco Verizon’s cybersecurity division said 20 per cent of cybersecurity incidents and 15 per cent of the data breaches originate from people inside the organisations affected.

According to Verizon, financial gain (47.8 per cent) and pure fun (23.4 per cent) were the top motivators for such attacks.

LandMark declined to comment on the issue when contacted by The Australian.

The company has already had to pay a heavy price for the first data breach, pegging the financial cost of the incident at around $7 million.

The cost was based on the work it lost from a number of clients and the big banks suspending the use of LandMark as an independent valuer for home loan assessments.

It also claimed the scalp of former LandMark CEO Chris Coonan, who resigned in the wake of the scandal, and two board members.

At the time, the company said it had engaged external cyber security and privacy experts to help it understand the incident’s impact and also received an independent risk assessment for its own customers.
