PLEASE READ BEFORE POSTING: Hello Forumites! In order to help keep the Forum a useful, safe and friendly place for our users, discussions around non-MoneySaving matters are not permitted per the Forum rules. While we understand that mentioning house prices may sometimes be relevant to a user's specific MoneySaving situation, we ask that you please avoid veering into broad, general debates about the market, the economy and politics, as these can unfortunately lead to abusive or hateful behaviour. Threads that are found to have derailed into wider discussions may be removed. Users who repeatedly disregard this may have their Forum account banned. Please also avoid posting personally identifiable information, including links to your own online property listing which may reveal your address. Thank you for your understanding.
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

Data breach?

Options
GaryBC
GaryBC Posts: 458 Forumite
Part of the Furniture 100 Posts Name Dropper Combo Breaker
edited 25 September 2024 at 2:32PM in House buying, renting & selling
Hi guys. 

How seriously do I take this? 

We're selling the parental home. There's three sets of solicitors handling the conveyancing: 
1) ours, 
2. the buyer's old firm (sacked for dragging their heels), and 
3. the buyer's new (current) firm. 
There's also the estate agent handling the sale. 
All ok so far. 

On Friday last I received an email from a different, unknown, solicitor asking me to download a set of documents (it referenced the Memorandum of Sale so it was a bit more targeted than the run of the mill phishing email). This email had the faint whiff of something fishy about it so I put it to one side while I did a bit of poking around. Two things sealed it: one, said firm was struck off by the SRA ten years ago, and; two, a very obscure looking email address. 

So I did no more and passed the email on to all three solicitors and the estate agent (and cc'd the SRA) asking them to check for data breaches. 
I got one reply ("Noted") from the estate agent but not a peep out of any of the solicitors. 
Monday I sent a reminder (promoting the SRA from cc to prime addressee).
Still no response. 

I'm not sure what to do now. It did occur to me to go to the ICO and report the data breach but is this a bit OTT? Or is it that this sort thing is now so commonplace that nobody cares any more? 

«13

Comments

  • born_again
    born_again Posts: 20,303 Forumite
    10,000 Posts Fifth Anniversary Name Dropper
    Aside from this is the wrong section.
    You need to give them time to look at things.
    Email sent on Friday (be lucky if any work on a weekend) then again on Monday. 

    If you are that worried, then ring them & refer too the email 👍
    Life in the slow lane
  • GaryBC
    GaryBC Posts: 458 Forumite
    Part of the Furniture 100 Posts Name Dropper Combo Breaker
    Any idea how to move it to the correct section? 
  • born_again
    born_again Posts: 20,303 Forumite
    10,000 Posts Fifth Anniversary Name Dropper
    GaryBC said:
    Any idea how to move it to the correct section? 
    I would have expected that site staff would have picked this up given the section it is in.
    Just you the report button.
    Life in the slow lane
  • user1977
    user1977 Posts: 17,733 Forumite
    10,000 Posts Seventh Anniversary Photogenic Name Dropper
    edited 25 September 2024 at 2:45PM
    GaryBC said:

    I'm not sure what to do now. It did occur to me to go to the ICO and report the data breach but is this a bit OTT? Or is it that this sort thing is now so commonplace that nobody cares any more? 

    Whose data breach are you investigating? Why are you copying in the SRA? They're not going to do anything before the law firms have had a chance to investigate (and it might not be a breach on the part of any of them anyway).

    It seems a bit unreasonable to inspect instant answers from anyone.
  • GaryBC
    GaryBC Posts: 458 Forumite
    Part of the Furniture 100 Posts Name Dropper Combo Breaker
    I'm not investigating anything, I'm informing the solicitors that one of them has a leak. 
    And I informed the SRA so that they are aware that one of their own isn't taking proper care of client data.
    And no, it's absolutely NOT unreasonable to expect, at the very least, an acknowledgement of receipt of the alert by the next working day at the latest. 

    But my question is: is this sort of thing now so commonplace that, very much like household burglary, nobody gives much of a damn about it anymore? 
  • user1977
    user1977 Posts: 17,733 Forumite
    10,000 Posts Seventh Anniversary Photogenic Name Dropper
    edited 25 September 2024 at 3:31PM
    GaryBC said:
    I'm not investigating anything, I'm informing the solicitors that one of them has a leak. 

    How do you know any leak is by one of the solicitors rather than another party (such as the EA)?

    The SRA won't be interested in an individual matter such as this.

    And the other party's solicitors shouldn't be communicating with you at all.
  • GaryBC
    GaryBC Posts: 458 Forumite
    Part of the Furniture 100 Posts Name Dropper Combo Breaker
    Ok. One at a time.... 
    1) I don't, which is why I informed them ALL.
    2) I'll leave it to the SRA to decide whether, by allowing data to escape, they consider one of their members in breach of their duty of care and/or GDPR.
    3) Yep, dead right. 
  • silvercar
    silvercar Posts: 49,504 Ambassador
    Part of the Furniture 10,000 Posts Academoney Grad Name Dropper
    I'd move the thread if I knew where to put it! 
    I'm a Forum Ambassador on the housing, mortgages & student money saving boards. I volunteer to help get your forum questions answered and keep the forum running smoothly. Forum Ambassadors are not moderators and don't read every post. If you spot an illegal or inappropriate post then please report it to forumteam@moneysavingexpert.com (it's not part of my role to deal with this). Any views are mine and not the official line of MoneySavingExpert.com.
  • ciderboy2009
    ciderboy2009 Posts: 1,243 Forumite
    Part of the Furniture 1,000 Posts Name Dropper Car Insurance Carver!
    OP - presumably you've confirmed that the breach isn't at your end?

    It wouldn't be the first time that a scammer has gained access to someone's email account and used what they see there to run the appropriate scam.
  • RHemmings
    RHemmings Posts: 4,894 Forumite
    Part of the Furniture 1,000 Posts Photogenic Name Dropper
    edited 26 September 2024 at 8:44AM
    The breach could also be at the seller's end. Without further information, there is a number of places the breach could have occurred. 

    Conveyancing fraud is a known risk. https://howells.law/newsroom/conveyancing-fraud-prevention-tips-for-homebuyers/  OP, you did well in checking the bona fides of the 'solicitors' who sent the out of the blue request. Have you reported this to Action Fraud? https://www.actionfraud.police.uk/

    It's quite possible that the scammers will try again, by a different method. E.g. it's very important to check bank details, as one common scam is to intercept emails with requests for money (such as a deposit) and change the bank details. (I'm sure the OP is very much on guard). 
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 350.8K Banking & Borrowing
  • 253K Reduce Debt & Boost Income
  • 453.5K Spending & Discounts
  • 243.8K Work, Benefits & Business
  • 598.6K Mortgages, Homes & Bills
  • 176.8K Life & Family
  • 257.1K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture