Estate agent Foxtons has experienced an enormous data breach, and tens of thousands of customers could be affected. To date, 16,000 card details, addresses and correspondence has been published on the dark web by hackers. But the attackers claim they have released only 1% of the stolen data publicly.
Security experts suggest that the older information – which is freely available – could be used to advertise the hack while criminals sell more recent records in secret. So the 16,000 customer records already found on the dark web could be the tip of the iceberg.
In a shocking dereliction of care, Foxtons has not yet told its customers about the breach. This is a severe breach of data protection law, and if you are a customer of Foxtons you should consider a data breach compensation claim to find out if your data has been part of this breach.
Foxtons customers must protect themselves from further harm
An investigation by iNews found that a database of more than 16,000 card details, addresses, and private messages, stolen from Foxtons’ systems, was uploaded on the dark web three months ago. This data has since been viewed more than 15,000 times. Analysis of this data reveals that 20% of the debit cards found on the dark web were still active and included full card numbers and personal information.
To date, Foxtons has not told customers if they are involved in the data breach. But if you are, or have been, a customer of Foxtons Group (including Alexander Hall), you could be at risk, and you must take steps to protect yourself from identity theft and card fraud.
- Contact your bank or credit card provider immediately if your financial data has been exposed
- Check all bills and emails for goods or services you have not ordered
- Check your bank account for unfamiliar transactions
- Alert your bank or credit card provider immediately if there is any suspicious activity
- Monitor your credit score for any unexpected dips
- Call Credit, Experian and Equifax to ensure credit isn’t taken out in your name
- Never provide your PIN or full password to anyone (even someone claiming to be from your bank)
- Never been pressured into moving money to another account for fraud reasons. A legitimate bank won’t ask you to do this.
- Follow any security instructions provided by Foxtons
- Never automatically click on any suspicious links or downloads in emails or texts
- Don’t assume an email or phone call is authentic just because someone has your details
- Be careful who you trust – criminals often use scare tactics to try and trick you into revealing your security details
- Know that, even if you recognise a name or number, it might not be genuine
- Don’t be rushed or pressured into making a decision. A trustworthy organisation would never force you to make a financial transaction on the spot
- Never provide your full password, pin or security code to someone over the phone (or via message). If a bank believes a transaction has been fraudulent, they will not ask for this information to cancel the transaction
- Listen to your instincts and ask questions if something feels “off”
- Refuse requests for personal or financial information and stop discussions if you are at all unsure
- Contact your bank or financial service provider on a number you know and trust to check if a communication is genuine
- Be cautious of unsolicited communications that refer you to a web page asking for personal data
- Don’t accept friend requests from people you don’t know on social media
- Review your online privacy settings.
- Register with the Cifas protective registration service to slow down credit applications made in your name
- Change your passwords regularly and use a different password for every account (a password manager can help with this)
- Protect your devices with up to date internet security software.
While the data found on the dark web only affects customers from before 2010, it is likely that the older information – which is freely available – could be being used to advertise the hack while criminals sell more recent records in secret on the dark web marketplaces. All customers of Foxtons Group – including landlords, buyers, sellers, renters, and mortgage customers, should be concerned.
Start a data breach claim with Keller Lenkner UK
Our data breach lawyers are investigating this case and are ready to launch a group action claim against Foxtons.
At Keller Lenkner UK, our data breach team has the legal expertise and resources necessary to take on the corporate giants. We have supported thousands of multi-claimant and group action data breach clients, and we can do the same for you.