ANZ and CBA stop LMW valuations after second web privacy breach

Staff reporter, December 7, 2020

ANZ Banking Group has again suspended the troubled valuer LMW after another incident involving the posting of unauthorised valuation information on the web.

The bank said last Friday it was "disappointed and concerned" that a new incident had occurred.

ANZ was the first to respond to LMW's second data breach, with the Commonwealth Bank today suspending the use of its services in light of the latest smaller data breach.

LMW was previously known as LandMark White and LMW Hegney. 

"Following LMW’s recent data incident, CBA can confirm we have indefinitely suspended the company from our valuation panel," a company spokesman said.

"The safety and security of our customer information is of paramount importance to us."

Meanwhile LMW company secretary John Wise advised today only a "small number of clients have again suspended workflows to LMW".

"The majority continue to work closely with LMW to understand the disclosure and any impact on their customers and LMW appreciates the way they are responding by supporting LMW, its employees and shareholders rather than acting in a way that ultimately rewards the criminal attempting to damage LMW’s reputation," Wise added.

There was an earlier data incident in January that left 137,500 records sitting on a dark web forum for 10 days.

LMW provided a further market update on the disclosure of documents on a US based sharing platform called SCRIBD.

LMW first became aware of the documents posted on SCRIBD late on May 29 with information relating to the establishment of SCRIBD accounts by the criminal provided to the NSW Police.

Based on a review of the documents posted to SCRIBD, LMW advised it was apparent that very few of the documents had been viewed or downloaded by anyone prior to being removed (other than LMW’s internal and independent response team).

The vast majority of the documents uploaded to SCRIBD are 2017 residential "short form" valuations in PDF format and have very limited personal information recorded in them (limited to a name and address). There are no bank account or identity details included in these documents.

"The nature of these documents together with the small number of non-valuation documents loaded to SCRIBD clearly indicate that this is not a cyber-attack on LMW but rather the deliberate acts of a person known to LMW," it advised shareholders.

"LMW suspects that this person has taken the documents from LMW via a manual process and is attempting to damage LMW’s brand and reputation.

"There is absolutely no indication that the person is attempting to derive personal gain from the disclosure.

"LMW is treating this activity incredibly seriously and is engaging with law enforcement to investigate the activities.

"LMW will support this investigation with full force, in an effort to identify the wrongdoer and prevent further activities.

"LMW is limited in what it can say given the ongoing investigation."

Following the cyber breach identified in early February 2019, LMW implemented significantly enhanced security measures that were independently reviewed by our third party, industry recognised, IT consultants and the cyber / security teams from the major banks, all of which concluded that the risks of further cyber incidents had been appropriately mitigated.

"If the perpetrator is allowed to succeed in their efforts to damage LMW’s brand and reputation, this will have implications for the wider valuation industry’s viability," it advised the market.

"Further, if the approach of dumping internal documents on the web successfully damages LMW, its employees and shareholders, it opens an avenue for disgruntled employees of other organisations to do the same.

"This activity must be deterred, and we thank the wider community for its support (and look forward to further support) to stamp this activity out."
