Foxtons Probes ‘Leak’ Of 10k Customer Logins

Tom Brewster is TechWeek Europe’s Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Foxtons isn’t offering comment on the possible leak, but has told customers it is investigating the matter

Estate agent Foxtons is probing a list of leaked data that was left on Pastebin, as it may contain account login details of around 10,000 of its online users.

The information has now been removed from Pastebin, but it is still available on other sites, according to reports. The company said it currently had no comment on the matter.

Password hackFoxtons quiet on leak

In an email to users, however, it said it had downloaded a list of usernames and passwords for the MyFoxtons web portal. The list is titled “part 1”, indicating more leaks could be on the way.

Anyone with access to a MyFoxtons account can get at plenty of data, even though the estate agent has said no banking data could have be accessed. Personal details such as home addresses and contact details will also be found in accounts – all useful information for a targeted attack in the future.

Security experts have suggested recent high-profile username and password thefts have indicated companies are not taking the threat of data theft seriously enough or simply aren’t able to protect themselves.

“Regulation in this case is a necessity to alter corporate behaviour,” said Ross Parsell, director of cyber security at Thales UK.

“Once the full extent of the cyber threat is uncovered, greater collaboration on cyber issues should lead to an improvement in cyber awareness and cyber standards.”

What do you know about Internet security? Find out with our quiz!