Property valuation firm LandMark White says it has made “enhancements to its IT security procedures including anonymisation of private details on completed valuations,” following a significant data breach that saw customer records being posted on a darkweb forum.
The company in February revealed that valuation-related data had been accessible through an exposed API.
Since then the company has twice entered a trading halt as it worked to calculate the cost to its business of the breach and as major corporate clients suspended their use of its services.
The firm announced today that the Commonwealth Bank of Australia had reinstated it to CBA’s residential valuation panel.
“CBA’s Data Protection Group have worked closely with LMW to assess and improve LMW’s data security environment and are committed to continue working to ensure that LMW’s data privacy, security standards and internal processes meet or exceed CBA’s requirements,” the company said.
LMW said it expects that other banks will begin using the services shortly.
LMW said that in its assessment there was a “very low risk of harm” to the majority of individuals affected by the breach, which included 137,500 valuation records and 1680 supporting documents. However, 25 affected individuals “have been provided with additional personal assistance to ensure they are supported and protected” because of the company’s assessment of greater risk to them from the breach.
Last week the company’s chief executive resigned and two non-executive directors stepped down from its board in the wake of the breach.