Foxtons Group data breach sees customer data published on the dark web

Hacked Cybersecurity

Reports have recently emerged alleging that Foxtons Group, one of Britain’s largest estate agents, was aware that masses of financial data belonging to their customers had been reportedly exposed on the dark web but neglected to notify their customers. The news of the Foxtons Group data breach issues first emerged following a malware attack on the estate agency in October last year, after which it was stated that “sensitive data” had not been exposed. Foxtons then reportedly learned in January that private information had found its way to the dark web, but it reportedly failed to make customers aware of this fact, leaving it to news outlets to publish the allegations.

We believe that, on the face of things, the reported inaction of Foxtons Group is a significant cause for concern. It is worrying for customers to learn that their data may have been being misused by cybercriminals without their knowledge that it had even been stolen.

Customers kept in the dark about Foxtons Group data breach

All organisations have a legal obligation to protect customer data effectively, yet Foxtons may have failed in this duty. It appears that they then also failed to respond appropriately in the wake of the data breach.

Those affected may be entitled to claim compensation for the harm caused to them.

The response to the Foxton Group data breach seems to have been characterised by factors that are a cause for concern. After the initial malware attack, it took Foxtons a week to notify customers of the hack. At this point, they insisted that their investigations had given them no reason to believe that sensitive information had been compromised. Despite customers’ worries, it appears that this claim had yet to be corrected until reports in February suggested that stolen data had been published on the dark web.

The data was understood to have been discovered by a customer in October, but Foxtons were only notified of this fact in January. It is understood that the files on the dark web included approximately 16,000 card details, home addresses and private correspondences, which have reportedly been accessed over 15,000 times.

The potential impact of the data breach

With Foxtons Group itself appearing to have got things wrong when it comes to the exposure of information, it is possible that the files that have been identified only scratch the surface of the exposed information.

In any case, the victims of the Foxton Group data breach have now potentially been exposed to risks of identity fraud, theft, scam calls and emails, and the possibility that their data may be held to ransom. The risks have may also have been exacerbated by the fact that Foxtons Group appeared to have acted slowly when it comes to contacting customers, as they may not have been acting with the caution needed in the aftermath of a data breach.

Making a compensation claim

Whenever an organisation fails to protect personal data, they have a duty to formally investigate the problem, and to notify those affected of their involvement. If the Foxtons Group data breach has indeed caused the exposure of personal data, the estate agency may have a lot to answer for regarding their data protection provision and their response to the data breach itself.

We are strong advocates of the importance of data privacy, which is why we help victims of data breaches to achieve the justice they deserve. If you think you may have been adversely impacted by a data breach, contact us for free, no-obligation advice on your potential claim.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a Callback from our team!

Fill out our quick call back form below and we’ll contact you when you’re ready to talk to us.
All fields marked * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.