Thousands of New York residents who live in properties managed by Douglas Elliman’s property management arm may have had their personal information compromised this month.
The three managing directors of Douglas Elliman Property Management sent an email to hundreds of co-op and condo boards on Monday informing them that the company’s computer network – which contains data on residents and employees of its buildings – has been hacked and that their personal information may have been compromised.
In the message viewed by The real deal, executives said the company detected “suspicious activity” on its IT systems on April 7. After launching an investigation and contacting law enforcement, Elliman determined that an “unauthorized party” gained access to its computer network between April 5 and April 7 and included files containing personal data of owners and owners. employees. A source with knowledge of the situation said the Federal Bureau of Investigation was involved.
Information that may have been compromised includes names, birth dates, mailing addresses, social security numbers, driver’s license numbers, passport numbers and financial information, according to the email. The company found no identity theft related to the breach.
“We take the security of our IT systems and the privacy of our customers very seriously and continue to improve our security protocols to prevent a similar incident from happening in the future,” a spokesperson said. in a press release.
The spokesperson said the violation was limited to the property management branch. Elliman’s brokerage and new development marketing businesses use separate IT systems and were not affected.
The incident has the potential to affect thousands of people. In 2018, Elliman was the largest residential property management company in New York, according to an analysis by The real deal. The company represents 390 properties with approximately 46,500 units in New York and Nassau and Westchester counties.
Notable properties that use Elliman’s management services include white glove co-ops such as 1 Sutton Place South, 778 Park Avenue, 1040 Fifth Avenue, and The Dakota, as well as luxury condos such as 111 West 57th Street, 40 East End Avenue and 111 Murray Street. .
In the email, Elliman’s property management arm said that beginning Friday, it would contact specific people whose information may have been exposed. Individuals will be offered a free one-year membership to an identity theft prevention and credit monitoring service. The company has also set up a hotline to answer residents’ questions.
“We take this matter very seriously,” Jim Miller, Elly Pateras and John Janangelo, the company’s three executive managing directors, wrote in the email. “We deeply regret any inconvenience or concern this incident may cause.”
In 2019, Corcoran Group documents detailing agent splits, marketing budgets and gross commission income were sent to its entire workforce after an employee’s email account was compromised. Many in the residential brokerage community said at the time of the breach that it was an unfortunate example of the growing threat cyberattacks pose to the real estate industry.