Australian Property Group Data Breach, 30 March 2023

ID, bank details, contact information at risk as cyber criminals hack PH Property Bendigo real estate agency

The company said the cybercriminals were now targeting some clients of the small business

Source: ID, bank details, contact information at risk as cyber criminals hack PH Property Bendigo real estate agency | ABC News (Australia)

View more incidents from the Real Estate and Property Management sector and Victoria.

A regional Victorian real estate agency has fallen victim to a data breach.

PH Property Bendigo sent an email to clients yesterday afternoon saying a staff member’s email address was hacked on March 15.

The hackers managed to get past security protocols by the company that include randomised passwords, two-factor authentication for all email accounts, and an in-house internet firewall security system.

The company said four months of data was stolen that could affect about 200 customers.

Data stolen may have included names, contact information, bank details and documentation confirming identity.

The company said the cybercriminals were now targeting some clients of the small business using an email address with the first name Kayla.

“You may have already received a fake email from her account requesting to open an attachment – please do not open these attachments,” the company said.

The real estate agency said it has wiped the workers’ computer, reported the data breach to the Office of the Australian Information Commissioner, and hired IT experts to help.