Calif. MLS Giant Temporarily Shuts Down After Malware Attack

June 13, 2019

Even MLSs are not immune to cyberattacks: MetroList, the largest multiple listing service in Northern California, was forced to shut down its listing site for a little over a day after being hit by a malware attack this week. More than 20,000 real estate brokers and agents subscribe to MetroList and were unable to gain access to listings during the shutdown.

On June 11, MetroList announced on Facebook that it had become a victim of a malware attack affecting its MLS.

“This is a needless inconvenience for the thousands of hard-working real estate professionals who depend on the MLS to conduct their business and maintain their livelihood,” MetroList posted on Facebook. The MLS provided alternatives to its members via email messages for workarounds to access listings during the outage.

By June 12 at 2 a.m., MetroList announced to its subscribers that it had its MLS up and functioning again. It did warn of glitches, such as listing photos that may not be showing up right away, throughout Wednesday as systems were restored.

Many MetroList members voiced concerns on social media about whether their personal data may have been compromised in the attack, too.

“We have heard concerns from users about the security of personal data,” MetroList posted on Facebook. “MetroList has retained a forensic analyst firm to advise us on any data compromises and what additional measures, if any, we should take to further protect our data from any other type of cyberattack. At this time, there is no indication that any data was compromised.”

The threat of cyberattacks in the real estate industry continues to grow. At the end of May, First American Financial Corp., a title insurance provider, announced 885 million mortgage documents dating back to 2003 had been exposed by a data breach. The breach potentially exposed bank accounts and statements, mortgage and tax records, Social Security numbers, and wire transaction receipts.

Also, the city of Baltimore was the victim of a ransomware attack last month that targeted its city government departments and delayed more than 1,000 pending home sales during the busy spring selling season. The malware encrypted city networks, including municipal payment and finance systems, leaving the city unable to process deeds, access its property tax portal, or issue lien certificates. The city is still working a month later to restore full services.