LandMark White data breach could impact Westpac property service customers

Westpac Group says names, addresses, and contact details may have been exposed through the third party breach.
Written by Charlie Osborne, Contributing Writer

Westpac Group has warned customers that those who have conducted a property valuation through its business may have been inadvertently impacted by a separate data breach affecting LandMark White.

On Tuesday, the Australian bank and financial services company said the recent security incident at LandMark White, a fund management organization, may have involved Westpac customers which have engaged Westpac for property valuations in the past.

Westpac says that LandMark White acts as a third party to conduct "certain property valuations." As a result of this valuation outsourcing, customers from Westpac, St.George, Bank of Melbourne, BankSA, and RAMS may have had their information leaked.

See also: Key takeaways from damning UK report on Facebook's world of "digital gangsters"

The LandMark White data breach exposed property valuations and contact information of borrowers, lenders, homeowners, residents, and property agents; including names, residential and business addresses, email addresses, property details, and contact telephone numbers. 

It is not believed that loan agreements or financial details have been stolen.

However, LandMark White clients as far back as 35 years ago may have been involved and the firm is assuming on the side of caution that all valuation requests made between 4 January 2011 and 23 January 2019 have been put at risk.

TechRepublic: Photos: 10 privacy apps that help mobile users feel safer

LandMark White blamed a security vulnerability in one of the firm's valuation platforms for the data exposure. The bug was discovered in January 2019 and quickly patched. 

A number of the company's clients have now suspended LandMark White services, and while the company itself chose to move to a temporary market halt in early February, trading resumed this week.

Westpac is among the clients which have suspended working with LandMark White -- for now -- and says that no further work will be sent to the company until the situation has been resolved.

CNET: Australia blames 'sophisticated state actor' for massive government hack

It is not known how many Westpac customers are impacted, but the banking services firm believes "only a small number of individuals" would have been involved in the third party breach. 

In related news, this week Australian Prime Minister Scott Morrison said a "sophisticated state actor" has been probing the underlying computing infrastructure of political groups in the country, including the networks of the Liberals, Labor, and Nationals parties.

These are the worst hacks, cyberattacks, and data breaches of 2018

Previous and related coverage

Editorial standards