Cyber attack rattles real estate firm Pam Golding

Pam Golding says it has taken steps to secure its systems.

---

South Africa-based real estate company Pam Golding is scrambling to contain a cyber attack it recently suffered.

Yesterday, the company announced it had experienced a “cyber incident” that resulted in unauthorised access to some of the personal information stored on its customer relationship management system hosted on the firm’s servers in South Africa.

According to the company, this information pertains to some of its clients. “It is important to note that no banking details, financial information, commercial information and/or other documents were compromised,” says Pam Golding.

Founded in 1976, Pam Golding has a network of over 300 offices in Sub-Saharan Africa, as well as offices in the UK, Germany, Mauritius and Seychelles. It also facilitates property sales and residency in Spain and Portugal, as well as property sales in the US.

In a statement, the real estate firm says on Friday, 7 March, a third-party, unknown to it at this stage, gained unauthorised access to its system via a user account.

“As soon as we became aware of the security compromise, we took immediate action to secure our systems and removed all unauthorised access. While investigating the impact of this incident, we also immediately began implementing steps to contain the incident and prevent any further compromises,” the company says.

“We have notified affected clients/parties of the compromise in terms of the Protection of Personal Information Act (POPIA), and reported details of this matter to the Information Regulator, as required by law. We have also reported it to SAPS and a case number has been allocated.”

Under South Africa’s data privacy law POPIA, companies that experience data breaches are required to inform the Information Regulator of such incidents.

“We are taking this incident extremely seriously and are taking numerous steps to contain the incident and prevent any further recurrence,” says Pam Golding.

It notes the affected user accounts have been secured, all active sessions have been terminated, and the firm has reset passwords for all its user accounts system-wide.

“We have reviewed all system access logs to determine the extent of the breach and identify any affected data. We are patching any potential vulnerabilities and reinforcing our security protocol, and implementing additional monitoring tools to detect and respond to any future potentially suspicious activity.”

The company says it has also appointed independent cyber security specialists to investigate the incident and will adopt any appropriate recommendations to further enhance its existing access control measures.

In its communication to affected clients, and while it is still investigating the full scope of the incident, it has made customers aware of potential risks, namely:

• As a third-party accessed the system using a user account, client information may have been viewed or queried.

• Cyber criminals sometimes use stolen information to send fraudulent e-mails or messages, purporting to be from trusted sources.

• If personal details were accessed, there is a small risk of identity fraud, although the company has no evidence of misuse at this time.

“Accordingly, we have advised affected clients to be cautious about clicking on links and providing sensitive information, including bank PINs and user login passwords,” Pam Golding notes.

“We have cautioned them that if they suspect that a person other than one of our authorised agents is attempting to contact them or obtain their personal information, they should contact our information officer via informationofficer@pamgolding.co.za, or the agent they usually deal with.

“We take client privacy and security, and our privacy commitments under POPIA very seriously and sincerely regret any distress or inconvenience this incident may cause. While we are still in the process of fully investigating this incident, we will be implementing additional security measures to protect all information and to minimise the effect of this security compromise.”

The Pam Golding breach comes after the Information Regulator recently revealed it has received thousands of complaints from the public, related to the mishandling of personal data by private and public organisations.

From 1 April 2024, to date, the information watchdog has received “an alarming” 2 023 complaints from the public, specifically relating to data security compromises, it said.

Another 1 092 complaints have been lodged against direct marketing, gated complexes and local organisations that have allegedly failed to comply with the requirements of POPIA.