CBA has reinstated LandMark White as an option to conduct residential property valuations, after the institution assured itself of the valuer’s information security following a data breach in January.
LandMark White said in a financial filing that it anticipates other lenders will start using its services again this week, although it could take several weeks for revenues to return to “pre-incident levels”.
The move by the CBA is a lifeline for Landmark White because it signals there is now sufficient institutional confidence in its operations following remediation work to counter the effects of the breach.
Banks suspended their use of LandMark White after the breach was disclosed.
The valuation firm said it had worked closely with CBA’s data protection group to provide CBA with assurance that security weaknesses had been fixed.
“CBA’s data protection group have worked closely with [us] to assess and improve [our] data security environment and are committed to continue working to ensure [our] data privacy, security standards and internal processes meet or exceed CBA’s requirements,” LandMark White said.
LandMark White said that some of the security enhancements it had made since the breach included “anonymisation of private details on completed valuations”.
The valuer said today the vulnerability that led to 137,500 valuation records being disclosed had been repaired prior to the company even learning of the breach.
It assessed that all but 25 individuals were at “very low risk of harm” from the breach. Those more at risk of harm had been given “additional personal assistance”.
Last week, data from the original breach re-appeared on a dark web forum, and the company said it could not rule out further situations where the leaked data was re-published.