Ransomware Attack Shuts Down MLS Nationwide 

Thousands of Realtor Multiple Listing Services (MLS) across the country were shut down last Wednesday, when their MLS provider, California-based Rapattoni, was hit by a ransomeware attack. “We went from super low inventory to no inventory” said Peter Chabris, CEO of The Chabris Group in Cincinnati. Real estate agents nationwide were unable to search or update any listings.

Coldwell Banker agent Peg King of Petaluma told the therealdeal.com “It’s paralyzed the real estate industry. We can’t add listings. We can’t make price changes. We have no idea how to show properties unless we try to figure out who has something listed.”

Rapattoni provides MLS software and data services nationwide to over 100,000 members. They sent out a memo on Thursday, saying it had been targeted. The service remained down Friday preventing brokers from accessing listings or open house information for the weekend showings.

As of yesterday Rapattoni MLS is still not fully restored for brokers. Some services have been restored, but others are still unavailable. The company say they are working around the clock to restore service and that they hope to have everything back up and running by the end of the week. However, it is possible that the restoration process could take longer.

Carol Volk, EVP, BullWall has this comment:

   “This is a perfect example of how wide the ransomware attack surface has become. This mirrors the increase in attacks we’re seeing on public infrastructure. There’s just no aspect of our lives not impacted by digital transformation which has the unfortunate side effect of making it all vulnerable.  

“Every one of us is a provider of services to others in our social supply chain and we are responsible to those we serve, both locally and across the “chain,” to maintain the highest level of cyber security to both protect our data and our ability to provide service. It has been shown time and again that the follow-on damages of a cyber attack can be much greater than just the loss of data with regards to the direct and imputed costs.”

Emily Phelps, Director, Cyware follows up with this:  

“When an organization serves 100,000+ members, a ransomware attack has far-reaching consequences, for the organization, its members, and their clients. Nothing happens in a vacuum so we must break down the silos that negatively impact cybersecurity.  

“Organizations can shore up their defenses by leveraging automation tools that enable collaboration and threat intel integration so that lean security teams can more efficiently address threats. They should conduct regular security awareness training so employees are armed to recognize and avoid common threat tactics such as phishing attacks; mandate security controls like strong passwords or passphrases and multi-factor authentication; regularly patch and update systems and software; and they should consider third party security partnerships that can act as an extension of their teams, gaining expertise that is more difficult to resource and retain internally.”

Supply chain attacks like these really hurt. Thus you not only need to make sure that you’re secure. But everything that you depend on is also secure. Otherwise, this can happen to you through no fault of your own.

Leave a Reply

%d bloggers like this: