London-wide estate agency Foxtons is investigating claims the names, email addresses and passwords of nearly 10,000 of its users have been leaked online.
The information allegedly belongs to 9,800 people who have registered their details with the firm's online property searching portal MyFoxtons, and has previously been posted on and pulled from text-sharing site PasteBin.
The list was ominously listed at "part 1" suggesting the perpetrators could be planning another leak of users' data in due course.
The estate agent has not yet confirmed whether the information is authentic or not, but has reportedly sent out an advisory to its customers alerting them to the alleged hack.
In it, the company confirmed it is in the throes of "running checks to determine [the data's] veracity", before assuring users that no credit card information had been compromised.
As a precaution, the company said it has introduced a system that will automatically reset users' passwords the next time they log into the MyFoxtons site.
"Immediate action...has been taken to safeguard your account and an investigation will continue," the advisory states.
"Should your account be upon the list, you will be contacted directly by our team."
IT Pro contacted the London-wide estate agency for comment, and was still awaiting a response at the time of publication.
Ross Parsell, director of cyber security at infosecurity experts Thales UK, said the alleged breach suggests organisations are still failing to take matters like this seriously enough.
"The recent spate of high-profile data breaches, such as this alleged attack on Foxtons, are evidence that organisations are either not taking cyber security seriously or are bewildered by the problem," said Parsell.
"Regulation in this case is a necessity to alter corporate behaviour. Once the full extent of the cyber threat is uncovered, greater collaboration on cyber issues should lead to an improvement in cyber awareness and cyber standards."
