Averly, a South African online platform designed to help real estate agents and landlords identify well-behaved tenants, suffered a breach of its customer data on 9 May, according to a statement from the company.

It said that the third-party supplier which hosted its database was the victim of a ransomware attack that compromised the personal information of Averly’s customers.

The compromised data includes names and surnames, email addresses, identification numbers, residential addresses, and login information for Averly and the Tenant Profile Network (TPN).

Averly’s supplier confirmed that the attackers had not accessed financial information, and the company said it had not yet determined whether the attacker was still in possession of the data.

“At this stage of the investigation, it is unclear whether the threat actor is in possession of the personal information they accessed unlawfully,” it said.

“Personal information can create opportunities for criminals to impersonate you but does not guarantee access to your banking profile or accounts,” it added.

However, Averly warned that the information could be used in other ways, including:

Unsolicited emails to the illegally accessed email addresses — including phishing attacks

Threat actors accessing encrypted passwords using brute-force methods

Averly’s investigations have not yet identified the attacker.

“We have been unable to identify the perpetrator, as incidents like this are usually carried out anonymously,” it said.

“As the investigation progresses and the perpetrator is identified, we will inform you as well as the relevant authorities accordingly.”

Averly explained that its supplier’s mitigation efforts included shutting down the compromised database, creating a new database, and restoring it from the previous day’s backups.

It also updated all running applications and database connection credentials.

Averly said it has now moved its database to an independent hosting environment and dropped the third-party supplier.

“Averly will no longer be working with the third-party service provider that was affected as we have subsequently transferred our database and operations to our own IT environment,” it said.

Averly outlined several further efforts to mitigate the potential consequences of the breach, such as:

A mandatory password reset for its network and the TPN;

Registering for a free Protective Registration listing with Southern Africa Fraud Prevention Service; and

Contacting its support service for further information.

