Sign up for our Newsletter
Keep up to date with the latest IT news, tips and guides from Dragon IS and sign up here:
Independent estate agent Life at Parliament View was found to have left the personal data of more than 18,000 customers exposed for almost two years. According to UK regulator, the Information Commissioner’s Office (ICO), this included bank statements, salary details, copies of passports, dates of birth and addresses of both tenants and landlords.
With figures showing cyberattacks are on the rise and with small estate agents revealed to be among the least likely to have cybersecurity measures in place, a local IT expert is urging local agents to take this as a wake-up call.
“Failing to have robust systems in place is a risk move for any estate agent, but especially with attacks on the rise and data protection fines starting to be dished out” explains local cybersecurity expert, Lionel Naidoo from Dragon Information Systems.
He continued: “In reality, it’s no longer a case of ‘if’ but ‘when’ an attack may take place, and the clean-up costs can be substantial. As estate agencies hold lots of data that would be very valuable to cybercriminals, they are naturally a target.”
Despite strict new data protection rules that came into force in May 2018, a YouGov poll has revealed only 35% of small and medium sized businesses have a basic data protection policy and those working in real estate are the least likely to have cyber security measures in place. This leaves agents vulnerable to attack and could also see them landed with hefty fines for non-compliance.
A cyber security breach is now estimated to cost the average small business more than £25,000, including costs such as ransom payments and hardware replacements, as well as damage to reputation and the loss of customers.
But it’s not just estate agents who are at a potential target. The Cyber Security Breaches Survey 2019 shows that already this year 32% of businesses have identified breaches or attacks. The most common form being phishing emails (80%), others impersonating the organisation online (28%), and viruses or other malware, including ransomware (27%).
Lionel added: “Every business has a duty of care to protect the data it holds, and that means having robust systems in place and providing training for team members, so they understand the importance of data security and how it applies to them day-to-day. If you’re a business and you haven’t yet considered these issues, then it needs to be top of your agenda.”