Federal investigators are working with MLS software company, and its insurance carriers are negotiating with hackers, who have prevented new data from being input after the Aug. 9 attack.
No one can predict the future, but you can prepare. Find out what to prepare for and pick up the tools you’ll need at Virtual Inman Connect on Nov. 1-2, 2023. And don’t miss Inman Connect New York on Jan. 23-25, 2024, where AI, capital, and more will be center stage. Bet big on the roaring future, and join us at Connect.
Technology company Rapattoni suffered a ransomware attack Wednesday that paralyzed servers hosting multiple listing services with hundreds of thousands of members, including many still hamstrung by outages, Inman has learned.
Northwest Indiana Realtors Association, San Francisco Association of Realtors, BAREIS MLS, Pasadena Foothills Realtors, and CincyMLS were still struggling with outages as of Friday, according to Dave Woodson of Dream Team Agents and posts on MLS websites. Inman has contacted Rapattoni to confirm the total number of MLSs impacted and will update this post when the company responds.
“No one can add or remove listings, update statuses and things such as that,” Woodson told Inman in an email. “I’m telling my clients the truth — they were hacked, they don’t have their information, but they have all mine.”
“I can’t update their home, but I’m doing all I can to get it resolved,” Woodson added. “[I’m] just trying to sell their home in a timely fashion. It’s hard to write an offer when you can’t access the property info all in one spot.”
Rapattoni’s MLS technical support line on Friday offered a recorded message confirming the issue. As of this writing, the attack is also affecting the company’s website, which has become inaccessible.
Ransomware is described by the federal Cybersecurity and Infrastructure Security Agency as “an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption.”
The source also provided screenshots to Inman describing the incident to users states that no new listing data provided by Rapattoni is accessible beyond August 9. The message to customers reads, in part:
“Federal authorities are involved with investigating the cyber-attack, and Rapattoni’s insurance company is currently negotiating with the ransomware individuals.”
“Since yesterday, Rapatttoni has brought on 300 new servers to recreate the MLS ‘environment.’ Our MLS data was backed up to separate unaffected servers, so all of our historical information is safe. However, what was not backed up were each individual MLS system’s configurations. So, unless Rapattoni can come to an agreement with the cyber-attackers, it will take some time for them to recreate our setup. How much time exactly is currently unknown.”
San Francisco Association of Realtors’ website has posted updates as workers rush to resolve the issue. A post on Aug. 10 confirmed the issue hadn’t been resolved.
“While we recognize that listing inputs (and edits), broker tours and open houses are paramount, we have determined that the ability to add new listings and edit existing ones will not be restored today.”
Services unavailable to members of SFAR include the ability to make any changes to accounts or changes to information, new membership or termination processes and reinstatement for non-payment. The staff is unable to make any changes on behalf of members, as new listing entry or editing is impossible.
In an FAQ on SFAR’s site, the organization said it will suspend Clear Cooperation requirements as a work-around, allowing members to market new listings outside of the controversial policy’s 24-hour MLS input requirement.
A thread on r/Realtors on news aggregator and social media site Reddit is actively discussing the outage, with one poster, SweetnessBaby, saying they are using Zillow until the issue is resolved and another, apparently an active seller, going by bte_, said their agent recommended Zillow and doing a FSBO, or For Sale By Owner.
“I work in the software side of the industry (not for Rap), everyone knew about the outage right away but they just let slip today that an attack occurred in a notice to the associations using their tools. Aside from whole MLS’s going down there are dozens of areas unable to manage members or handle billing,” another poster, AshuraVonXacto, wrote.
Lucky_Object109 projected that the outage is affecting more than, “1, 525,000 Realtors nationwide, more than houses for sale.”
This may not be Rapattoni’s first fight with data pirates, as a 2019 post on Appraiserblogs.com indicated MetroList, a Sacramento-based MLS, was impacted by an attack on its data provider.
Inman has contacted Rapattoni for additional information. This is a developing story.
