LandMark White Suffers a Second Data Exposure Incident

LandMark White Data Exposure

It's often difficult to estimate exactly how much a data breach costs. Although some organizations tend to be more transparent than others, information about the direct impact is often left out of the official statements, and losses are sometimes attributed to other factors. With Australian property valuation and consultancy firm LandMark White Limited, however, things are a bit clearer.

On February 4, the company learned that some of its customers' data had been exposed. More than 137 thousand unique records containing personal information and close to 1,700 supporting documents had been stolen during the cyberattack and were later found on the dark web. Very soon, the damage became all too visible.

Chris Coonan, LandMark's CEO, resigned shortly after the news of the hack appeared, and the company's stock was temporarily removed from the Australian Securities Exchange. Its quotation was reinstated two-and-a-half months later, but to say that it's not been doing very well would be an understatement. This probably shouldn't be such a surprise considering that after assessing the potential impact of February's breach, LandMark lowered its annual revenue forecast from AU$55 million to AU$43.5 million.

LandMark White isn't in a pretty shape, and the last thing it needs is another data leak. Unfortunately, this is what it's got.

LandMark documents leaked on Scribd

On May 30, LandMark announced that it had been tipped off about some PDF files hosted on document-sharing platform Scribd. The company's security team took a look at the documents, realized that they shouldn't be publicly accessible, and started working with Scribd to have them taken down.

LandMark is determined to point out that the leak isn't as bad as people might think. An update from June 3 says that the exposed documents were "short form" valuations which didn't contain much in the way of personal information. "Very few" of the files were viewed and downloaded before Scribd took them down, which means that there shouldn't be too much to worry about. Unfortunately, many people are unconvinced.

The stock has once again been placed under a trading halt, and no fewer than eight banks have announced that they are suspending their work with LandMark for the time being.

LandMark: It wasn't a data breach. Someone is trying to sabotage us.

After February's data breach, LandMark White promised that they'll invest heavily in beefing up their IT infrastructure and putting in place mechanisms which would prevent similar incidents from happening in the future. Three months later, they insist that their new security precautions are working as expected.

LandMark says that a person who has worked either for or with the company has deliberately published the documents in order to damage its reputation. Apparently, Scribd is helping identify the perpetrator, though nobody is willing to say how likely this is to happen.

The company seems rather keen on finding out who sits at the bottom of this. Unfortunately, we're not sure how much this is going to help it reverse the damage that has already been done.

June 5, 2019

Leave a Reply