Cyber ​​attack hits data center real estate managers: data thousands of tenants on the street

It concerns the Achmea Dutch Residential Fund, which invests in mid-market rental homes in locations in promising residential areas in the Netherlands. On behalf of this property owner, Achmea informed tenants today about the cyber attack on Aareon’s servers, on 3 February, and its consequences.

‘This IT company registers tenant data for us, including yours. Forensic investigations have shown that data such as personal data were copied or extracted during the cyber attack. Further research should reveal exactly what data is involved. But it is possible that, for example, your address and payment details have fallen into the hands of third parties.

According to Achmea, Aareon took all measures ‘immediately’ to prevent further damage and engaged international experts to analyze and assess the attack. ‘We find it very annoying that your data is involved in this cyber attack and advise you to be extra vigilant in the coming period for suspicious e-mails, app messages and phone calls. If you have roommates who are also mentioned in the lease, would you also like to inform them?’

On behalf of the Achmea Dutch Residential Fund, Syntrus Achmea Real Estate & Finance made a report to the Dutch Data Protection Authority on Friday. According to Syntrus Achmea, several property managers working for the company and other investors register data with Aareon, including tenant data. ‘It is possible that this data has fallen into the hands of third parties’, marketing and communication manager Erik van der Struijs informs this site in writing. ‘The administrators who work for us and who were affected by the attack manage a total of approximately 20,000 rental units. This concerns both rental housing and commercial real estate, such as shops and offices.’

Aareon reports in a message on its website that the REMS data center in Amsterdam was the victim of “a professionally coordinated and targeted cyber attack” on February 1. The IT company’s security systems detected the attack on February 3 in the morning. ‘The data center immediately took the systems offline, informed all customers and started an extensive specialist analysis. Other data centers were not affected by the attack,” it said.

According to the software supplier, the system has been shut down to prevent further damage. ‘The REMS services became partially available again on 8 February. The systems were rebuilt using backups and the data center of the Aareon Group in Mainz (the IT company is a subsidiary of the German Aareaal real estate bank, ed.). Most customers are already working in the new environment.’

In the course of the investigation, experts confirmed that some of the data was leaked and made publicly available. ‘As a precaution, we must therefore assume that all data has been affected, although there is a good chance that only a fraction of the data will eventually leak’, it sounds in an explanation.

Achmea promises to keep tenants informed of developments. “As soon as we have more relevant information about the cyber attack, we will of course share it with you. If you have any further questions at the moment, we would of course like to hear them’, according to the insurer, asset manager and (financial) service provider.

In 2018, data from thousands of Achmea customers was made public after a hack. The data breach at the largest insurer in the Netherlands probably originated through an employee at an office in Apeldoorn, or through someone close to this employee.

Several files, including those in the possession of the Stentor, contained the names, social security numbers and addresses of approximately 10,000 people. Thousands of victims of this hack came from the east and north of the Netherlands. Some files also contained amounts paid to clients, sometimes also from clients who had meanwhile died.

Watch our news videos in the playlist below: