UK estate agent Foxtons has warned customers that their contact details may have been compromised after what appears to be a list usernames and email addresses was leaked online.
“It has come to our attention that there were some reports circulating on the internet today suggesting that a small number of user names and passwords to the MyFoxtons web portal were briefly posted to a website,” said Foxtons in an email to registered users.
The company said it is still investigating whether the list, which contains email addresses, usernames and partially obscured passwords of 9,800 users of its MyFoxton's site, is genuine. “We have been able to download the list of usernames and passwords that were posted and are currently running checks to determine its veracity," the company said.
lt has nevertheless asked all MyFoxtons users to change their passwords.
Foxtons said no financial information was comprimised, but warned customer that hackers could view their saved property histories as well as their home addresses and phone numbers. They may also be able to access the landlord log-in area, which would allows them to sign documents, manage rents and see tenant deposit registration numbers.
The list was called “part 1” suggesting that hackers may be holding more of the data. It was posted to Pastebin, an anonymous text hosting service popular among hackers. It has since been taken down from that site, but may be still be in circulation.
It is not known how the data was stolen, or by whom.
This is not the first data-related headache for Foxtons. In 2010, the company sued a former director who allegedly stole 2,500 customer contacts before leaving to form his own agency. The director settled out of court.