Lee & Associates, a major commercial real estate brokerage firm in North America, has allegedly been targeted in a significant data breach. A threat actor has claimed responsibility on a dark web forum for compromising the company’s network and exfiltrating what they describe as the “whole domain with all their confidentials.” Lee & Associates is a leading firm in the commercial real estate market, with its Irvine office noted as completing more transactions in South Orange County than any other competitor in the region, highlighting the potential impact of such a breach.
The malicious actor supported their claim by posting a link to a large repository of files allegedly stolen from the company’s systems. The attackers explicitly stated that the leaked dataset contains a wide range of sensitive information. This incident could have serious implications for the company’s operations, its brokers, and its clients, given the confidential nature of real estate transactions and business contracts.
The threat actor has listed the following types of data as being included in the leak:
- CVVS
- Personal Confidentials
- Business contracts
- Online platform accounts
- Projects
