Foxtons customer data leaked onto the dark web
The company has been accused of "failing" to inform customers after becoming aware of data leak last month


Financial details belonging to customers of UK estate agency Foxtons are widely available on the dark web following a malware attack in October last year that affected parent company Foxtons Group.
Despite admitting that the incident affected its subsidiary Alexander Hall, which specialises in mortgage broking, Foxtons assured its customers at the time that no “sensitive data” had been stolen.
However, it has now been revealed that anyone with access to the dark web can view 16,000 card details, addresses and private correspondence - such as details of paid fees - belonging to Foxtons Group customers prior to 2010.
The personal information has been available since at least 12 October 2020, inews reports, two days after the malware attack took place. Since then, the files have been viewed over 15,000 times.
The company is accused of having knowledge of the availability of the data since last month and of failing to inform its customers, particularly those affected by the breach.
According to its website, the estate agency holds “over three million customer records”.
Ray Walsh, digital privacy expert at ProPrivacy, told IT Pro that it’s unsurprising that “sensitive consumer data stolen from Foxtons Group last October is floating around the dark web”.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
“This is, after all, the point of these types of hacks,” he added.
Walsh noted that around 20% of the analysed cards details stolen in the attack are still active, “meaning that those consumers need to be informed now so that they can cancel their cards, and check back through their statements for any irregularity”.
“If Foxtons knew the full scale of this breach two days after the attack – and did nothing to warn consumers – it would be an astonishing dereliction of duty, but we must now wait for the ICO investigation to assess what happened and what kind of fines Foxton should face,” he said.
Foxtons reportedly informed the Information Commissioner’s Office (ICO) of the attack last year, but Walsh believes that “it is likely a fine will be imminent”.
“Some of the data that has been unearthed on the dark web predates 2010, and the hacker has suggested that the older information is being used to advertise the hack while selling more up-to-date records in secret. If this is true the risk to consumers is even bigger and it is vital that Foxtons immediately contact all customers potentially caught up in this mess,” he added.
However, a Foxtons spokesperson told IT Pro that the company had "forensically been through all the stolen data and confirm it is both old and incomplete therefore not useable by a third party and not possible for it to cause financial loss or harm to those affected customers".
"All necessary disclosures have been made and full details of the attack were provided to the FCA and ICO at the time. We are satisfied that the attack did not result in the loss of any data that could be damaging to customers and believe that the FCA and ICO are satisfied with our response," they added.
Having only graduated from City University in 2019, Sabina has already demonstrated her abilities as a keen writer and effective journalist. Currently a content writer for Drapers, Sabina spent a number of years writing for ITPro, specialising in networking and telecommunications, as well as charting the efforts of technology companies to improve their inclusion and diversity strategies, a topic close to her heart.
Sabina has also held a number of editorial roles at Harper's Bazaar, Cube Collective, and HighClouds.
-
Bigger salaries, more burnout: Is the CISO role in crisis?
In-depth CISOs are more stressed than ever before – but why is this and what can be done?
By Kate O'Flaherty Published
-
Cheap cyber crime kits can be bought on the dark web for less than $25
News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
By Emma Woollacott Published
-
ICO admits it's too slow dealing with complaints – so it's eying up automation to cut staff workloads
News The UK's data protection authority has apologized for being slow to respond to data protection complaints, saying it's been overwhelmed by increased workloads.
By Emma Woollacott Published
-
The business value of Zscaler Data Protection
Whitepaper Understand how this tool minimizes the risks related to data loss and other security events
By ITPro Published
-
Top data security trends
Whitepaper Must-have tools for your data security toolkit
By ITPro Published
-
“Limited resources” scupper ICO probe into EasyJet breach
News The decision to drop the probe has been described as “deeply concerning” by security practitioners
By Ross Kelly Published
-
Three essential requirements for flawless data protection
Whitepaper Want a better CASB and stronger DLP? You have to start with the right foundation
By ITPro Published
-
Surge in workplace monitoring prompts new ICO guidelines on employee privacy
News Detailed guidance on how to implement workplace monitoring could prevent data protection blunders
By Ross Kelly Published
-
The gratitude gap
Whitepaper 2023 State of Recognition
By ITPro Published
-
The top five risks of perimeter firewalls
Whitepaper ...and the one way to overcome them all
By ITPro Published