The Home Group – one of the biggest housing associations in the UK – has warned around 4000 customers that their personal details may have been stolen after the company suffered a data breach.
As reported by the BBC, Home Group said the breach involved customer names, addresses and contact information, but no financial data. The organization explained that the breach was identified by a third party cybersecurity expert and affected customers in properties in England, including those in the North East, North West and Yorkshire.
The issue was resolved within 90 minutes, according to Home Group spokespeople.
Chief financial officer, John Hudson, said: “We were made aware of a potential data vulnerability and immediately responded to and resolved the issue.
“We have a robust incident response protocol in place to deal with situations such as this, which meant the vulnerability was identified and fixed extremely quickly.
“We have contacted all customers affected and I want to reassure all our customers that their information is secure and that we follow strict guidelines and protocols when it comes to data sharing and cybersecurity.”
Commenting on the news, Javvad Malik, security awareness advocate at KnowBe4, said:“It’s unclear at this moment how the company was breached, but it is encouraging to see the company was able to quickly respond to the breach, and inform its affected customers once notified by a third party.”
However, he added, companies should be building their own detection capabilities so that they are not reliant on third parties to disclose any breaches.
“Similarly, while the company claimed to have resolved the issue within 90 minutes, that is still ample opportunity for records to be accessed and copied,” Malik argued.