A Los Angeles subsidiary of the California Assn. of Realtors has suffered a data breach that may have exposed the personal information of up to 1,033 individuals who made purchases through its website.
The breach that hit Real Estate Business Services — which sells real-estate-related products including books, forms and classes — lasted from March 13 to May 15, the company said.
The data accessed included personal information including name, address, credit card number, credit card expiration date and, in some cases, credit card verification code, REBS said in a letter to the California attorney general's office.
Debra Ferrier, chief executive of REBS, said there is no way to know the exact number of people affected by the breach. REBS knows only that 1,033 individuals made purchases on its website during the two-month period, she said.
REBS said it believes that it has solved the issue by removing malware, switching to a different payment processing system and implementing additional security measures to protect against a future breach.
REBS sent a letter to the potentially affected individuals notifying them of the breach and offered to provide them with a one-year subscription to LifeLock, a credit monitoring program, free of charge.