BoomTown ROI, a real estate proptech company, confirmed Thursday that the cause of a multi-day system outage affecting potentially thousands of real estate professionals, was a system-wide hack from a malicious third-party source that began on April 10.
The company, which provides real estate management software including IDX websites, lead generation and management and CRM software services, said the hack denied BoomTown platform clients operational access to its website or client data for an eight-day stretch.
Throughout the week, BoomTown continually updated users across social media and a tech support page on its website, stating that the company was working “tirelessly” on the restoration process.
Inside Real Estate Chief Executive Officer (CEO) Joe Skousen—whose company acquired BoomTown last year—and Chief Strategy Officer (CSO) Grier Allen, recently issued their first statements to clients on the matter, clarifying that unusual activity was indeed detected on April 10 by a malicious third-party counterpart. They went on to say that they do not believe any customer or CRM data was breached upon further forensic analysis, although the investigation is still currently ongoing.
“While our investigation remains ongoing in partnership with law enforcement, it may take some time until our investigation is complete, but we will continue to share further details as we can,” the statement said.
In that same release, Skousen and Grier explained security measures taken during the week-long site hiatus, saying, “we have built and deployed solutions into new and updated hardware and software architecture; we have rebuilt all internal access controls to the environment; we have enhanced security monitoring, detection and preventative controls.”
On Wednesday, April 17, BoomTown issued this update to its clients via email:
Many BoomTown ROI broker and agent clients expressed their ire via social media over the outage, which some claim caused revenue loss in addition to an inability to access customer database information. Additionally, according to various clients, there was minimal direct company transparency on the situation overall.
“We personally have 100,000 leads in there. There are currently 3,100-plus companies/teams using BoomTown based on online reports,” a broker who chose to remain anonymous told RISMedia. The source claimed that the outage has cost them $75,000 in revenue. “No explanation on why, no timeline on a fix. We can’t get anything concrete from them,” they stated during the outage.
And while BoomTown reports that things are back up and running, today, the anonymous broker says he can now see his client data, but “site data is still 14 days old,” and “no emails are going to clients with updates (or at all).”
Customers of BoomTown often sync accounting and financial information to assist in operating their business efficiently, which means any potential data breach could lead to further consequences for all involved.
Stay tuned to RISMedia for updates.