South Africa’s largest estate agency suffers data breach

Pam Golding Properties confirmed today that it experienced a cyber incident in which a third party gained unauthorised access to its systems, including some personal information regarding clients.

The real estate giant expressed its regrets on Tuesday, 11 March, that it experienced a cyber incident that resulted in unauthorised access to some of the personal information stored on its customer relationship management system, which is hosted on its servers in South Africa.

“This information pertains to some of our clients. It is important to note that no banking details, financial information, commercial information and/or other documents were compromised,” the company said.

Pam Golding Properties explained that, on Friday, 7 March 2025, an unknown third party gained unauthorised access to its system using a user account.

“As soon as we became aware of the security compromise, we took immediate action to secure our systems and removed all unauthorised access,” the company said. 

“While investigating the impact of this incident, we also immediately began implementing steps to contain the incident and prevent any further compromises.”

The company has notified affected clients and parties of the compromise and reported details of the incident to the Information Regulator. 

“We have also reported it to SAPS, and a case number has been allocated,” it said.

“We are taking this incident extremely seriously and are taking numerous steps to contain the incident and prevent any further recurrence.”

Pam Golding Properties said the affected user accounts have been secured, all active sessions have been terminated, and it has reset passwords for all its user accounts system-wide. 

The company added that it has reviewed all system access logs to determine the extent of the breach and identify any affected data. 

“We are patching any potential vulnerabilities reinforcing our security protocol, and implementing additional monitoring tools to detect and respond to any future potentially suspicious activity,” it said.

“We have also appointed independent cybersecurity specialists to investigate the incident and will adopt any appropriate recommendations to further enhance our existing access control measures.”

In its communication with affected clients, the company made them aware of the following potential risks:

• As a third party accessed the company’s system using a user account, client information may have been viewed or queried
• Cybercriminals sometimes use stolen information to send fraudulent emails or messages, purporting to be from trusted sources, and if personal details were accessed, there is a small risk of identity fraud, although there is no evidence of misuse at this time

“Accordingly, we have advised affected clients to be cautious about clicking on links and providing sensitive information, including bank pins and user login passwords,” the company said. 

It cautioned clients that if they suspect that a person other than one of Pam Golding’s authorised agents is attempting to contact them or obtain their personal information, they should contact the company’s Information Officer or the agent they usually deal with.

“We take client privacy and security, and our privacy commitments under POPIA very seriously and sincerely regret any distress or inconvenience this incident may cause,” the company said. 

“While we are still in the process of fully investigating this incident, we will be implementing additional security measures to protect all information and to minimise the effect of this security compromise.”