Real estate agency LJ Hooker has suffered a data breach at its Palm Beach office in Sydney, with approximately 375GB of sensitive information compromised and reportedly offered for sale on the dark web.
The breach, which occurred at one of the agency's offices in the affluent beachside suburb, has led to the exposure of staff details including passport information. There are concerns that customer data, including that of prospective tenants and visitors, may also be at risk.
An LJ Hooker spokeswoman confirmed that customers have been notified and that the office is working with its IT provider to assess the impact. The relevant government cyber and data bodies have also been informed.
Palm Beach, known as a holiday destination for billionaires, has a median house price of $4.7 million. LJ Hooker operates three offices in the suburb, but only one was targeted. The agency has 19 staff in the area, led by Principal David Edwards.
The breach follows a similar attack on a Harcourts real estate office in Melbourne last October. Tenant advocacy groups have raised concerns about the vulnerability of renters' personal data, which is often collected during property applications.
