Keller Williams was the target of an attempted phishing attack on its Command platform it confirmed on Tuesday, forcing the company to roll out multi-factor authentication (MFA) as an added security measure. This comes just days after news broke of a similar successful security breach of a mortgage lender that compromised more than 170,000 accounts.
Keller Williams confirmed the attempted phishing attack in an email to RISMedia on Wednesday, however, the company made it clear the attempt was unsuccessful and there was no hack of the company’s systems.
A corporate email sent to all Keller Williams Associates on Tuesday read: “As of today, all temporarily restricted features in Command are fully operational. Thank you for your continued patience as our team worked to secure our systems from recent phishing attempts targeting Command accounts.”
It went on to read, “To enhance the security of our Command platform, we have rolled out Multi-Factor Authentication (MFA) as an additional measure during login.”
The corporate email directs users to contact the KWRI Support Team (support@kw.com) with questions related to Command features.
When RISMedia asked via email what Command features were restricted and how long they were unavailable, Keller Williams declined to provide the information.
Just days earlier, New Jersey-based American Neighborhood Mortgage Acceptance Company, or AnnieMac for short, sent out consumer notifications about an August data security breach that comprised the Social Security numbers and names of more than 170,000 customers, according to a data breach notification filing.
The lender has more than 50 branches across 25 states and employs more than 1,000 people.
The AnnieMac data breach occurred between Aug. 21 and Aug. 23, but the lender reported it didn’t learn about the incident until Oct. 15. The company is offering free access to credit monitoring services for one year through CyEx for impacted customers.
