Subsidiary of California Association of Realtors Suffers Data Breach

Media Division | July 11, 2017

Sometimes, it seems like the cascade of new data breach incidents is endless. In the news, we see reports of another incident almost every day. Many of the recent incidents we have been hearing about have involved breaches of payment information, which is of course very detrimental to those affected. Money and financial information are some of the largest targets for cyber attackers for obvious reasons. In yet another recent example of this, Real Estate Business Services, Los Angeles subsidiary of the California Assn. of Realtors, was hit by an attack targeting the financial data of customers.

What Was Affected in the Breach

Real Estate Business Services sells real estate products like forms, classes, software, blank home sales contracts, and more. They had discovered malware within their payment processing system, which was stealing information from March 13 to May 15. The breach had initially been discovered after a member reported fraudulent charges to their card after they used it on the REBS website. Compromised data included personal and financial information, such as names, addresses, credit card numbers, expiration dates, and some verification codes, according to a letter from REBS to the California attorney general’s office. Of course, all of this leaked data can be dangerous for those affected, being that it can be used for several different types of fraud. The exact number of individuals affected in the breach is unclear, but it could be as high as 1,033, as this was how many people had made purchases on the website within the 2 month period. The potential victims are limited to CAR members, such as mortgage brokers and real estate agents.

REBS appears to be taking the breach very seriously, and are working to fortify their systems for the future, as well as protect those affected. First off, they had sent a letter to all potentially affected members notifying them of the breach. They have also changed their payment processing by switching over to Paypal, as opposed to collecting payment data directly. REBS advised members to keep a watch over their card statements, review their credit reports, and consider placing a fraud alert on the credit reports. In addition, REBS is offering affected members a free year of LifeLock card monitoring. These are all good moves on the part of REBS, as neglecting to care for those affected by a breach can have detrimental consequences on an organization. Realistically, an improperly handled breach can ruin an organization in the eyes of the public, and even literally in some cases.

Implementing Comprehensive Security to Prevent Cyber Attacks

As cyber attacks continue to become more prominent, it is even more vital that organizations review their security to ensure its formidability. Far too many breaches have occurred due to lacking security points that lead to hellacious malware infections, which often go undetected for months. There are many different tools and services that can help to prevent cyber attacks like this from occurring, including intelligence and monitoring. Many organizations continue to rely only on very basic security measures, such as antivirus and firewalls. These will always be vital as a part of the security scene, but they do not completely protect an organization by themselves. Modern security needs to be able to predict and proactively defend from threats. Massive Alliance offers a full range of security tools and services that can help organizations prevent cyber attacks.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.