Realty Trust Reveals Cyberattack Incident

Realty Trust Reveals Cyberattack Incident
<span class="bsf-rt-reading-time"><span class="bsf-rt-display-label" prefix="Reading Time"></span> <span class="bsf-rt-display-time" reading_time="1"></span> <span class="bsf-rt-display-postfix" postfix="mins"></span></span><!-- .bsf-rt-reading-time -->

Brandywine Realty Trust, a real estate investment firm based out of Philadelphia, disclosed to the SEC a cybersecurity incident that had affected portions of its IT systems and resulted in a data breach by threat actors.  

The company said it detected the incident on May 1, 2024, and initiated its response protocols, including shutting down some systems, notifying law enforcement, and hiring external cybersecurity experts. The company is still investigating the extent of the damage and the nature of the information accessed by the unauthorized party. 

According to the filing on May 17, 2024, the cybersecurity incident involved “unauthorized access and deployment of encryption by a third party to a portion of the Company’s internal corporate IT systems. The incident caused disruptions to, and limitation of access to, portions of the Company’s business applications supporting aspects of the Company’s operations and corporate functions, including financial and operating reporting systems. Based on the information reviewed to date, the Company believes the unauthorized activity has been contained and is working diligently to bring the impacted portions of its IT systems back online.” 

This is just the latest attack on real estate trusts. Real Estate professionals are a particular target due to the large flow of funds that pass through to buy, maintain, and operate multiple properties. Just six months ago, right before Christmas, First American Financial saw an attack on their networks as well.  

The company said it is taking steps to mitigate these risks and to enhance its cybersecurity measures and will notify persons affected by the breach if required.