Romania’s Iimobiliare.ro Website Suffer Major Security Breach

The website Iimobiliare.ro, Romania’s biggest advertisement platform for real estate ads, was infringed last December by a security breach that allowed unauthenticated access to more than 201,087 files in the company’s data archive (including copies of identity cards), as reported by the IT security experts- Website Planet, informs the specialized site DPO-net.ro. The operator reported last month that it had remediated the flaw but did not report it to the Data Protection Authority.
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 12 cores and 24 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED ... read more
(as of February 28, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
AMD's fastest 6 core processor for mainstream desktop, with 12 processing threads Can deliver elite 100+ FPS performance in the world's most popular games Bundled with the quiet, capable AMD Wraith Stealth cooler 4.6 GHz Max Boost, unlocked for overc... read more
(as of February 28, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
System ram type: DDR4_sdram
(as of February 28, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Although it remains unclear if consumer knowledge has fallen into harsh hands, as there is no password protection or authentication on the bucket of the company. The leaked data has been saved in 35,738.PDF and 165,316.JPG files, including full names, telephone numbers, home addresses, emails, CNP (social security), and personal signatures. This included personal identity information (PII) as well. Notably, anyone can just insert a correct URL to reach the bucket.
This violation disclosed over 200,000 documents, but the exact number of persons impacted by the violation remains unclear. Additional customer information compromised includes real estate contracts between customers and the company, property records including architectural plans, detailed descriptions and location, land extractions and ANCPI document, user profile photos, scanned copies of national identity cards containing the identification of codes, demanded property price, detailed explanation of properties including Real estate agreements.
Imobiliare.ro officials stated, “In January 2021, we detected a potential vulnerability in our internal data storage systems. Our company promptly launched an investigation. The vulnerability was quickly remedied. Internal investigations on the causes and potential consequences continue. We ensure in this way that for Imobiliare.ro data security is a priority and work continuously to protect the confidentiality and integrity of our platforms, meeting all current standards and in cooperation with. ”
Given the nature of the leaked information, the possible effects on consumers may be serious. Initially, malicious actors may use the information to learn about the residential address of the person, the estimated sales, and the financial status. Explicit financial data or information was not leaked, but unauthorized users could use property values as a proxy indicator for net wealth. Identity stealing is the primary concern of this material, but even other crimes such as robbery are more likely to arise from the leak.
Imobiliare.ro users may have done little to avoid leakage of their results. The organization is held responsible for the server leak. Users will nevertheless minimize the danger they pose from weak cybersecurity from third-party firms, such as customer credit reviews offering identity recuperation support if they have leaked personal data to destroy the credit records of others or commit other crimes under a presumed name.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.