Premier Property Lawyers: House sales halted by security breach

Thousands of house-buyers using a conveyancing company have been left in limbo due to a cyber-security breach.

Premier Property Lawyers (PPL), based in Enderby, Leicestershire, said a “security incident” had left some of its systems inaccessible, causing property purchases to be held up.

Customers have complained about a lack of communication and difficulties in contacting the firm.

PPL said it was working with cyber specialists to restore its IT systems.

Jason Greenwood, a DJ from Redcar, north Yorkshire, said he had already packed his belongings into a van and was waiting to complete when he heard there were problems at PPL.

He said he first became suspicious there might be an issue when he could not access the PPL website on Monday night.

“At 08:00 on Tuesday the removal van came and we got everything in the van but we couldn’t get hold of PPL at all,” he said.

“When they replied to my complaint on Twitter they said they have no time-frame to go forward.

“All my goods, clothing, everything in the house is in the back of a van and I have ongoing costs with the removal company because their van is still tied up and time is ticking on.”

Mr Greenwood, 42, said he and his seven-year-old daughter were currently sleeping at his parents’ house.

“It’s extremely stressful. I had major surgery for a tumour to be removed recently so on top of that I’m not sleeping and not eating because of the stress,” he said.

Another customer Michelle, from Coventry, said her husband Michael travelled to PPL’s Leicestershire office to see if he could get anywhere.

“There was a sign saying there has been a major incident and ‘please do not log on to your computers until you have communication from your manager’,” she told BBC Radio Leicester.

“That was for the staff obviously but that was on the door as he walked in and he spoke to the receptionist who was told they’re working on it.”

Michelle said they were in a chain with four other people and had been planning to exchange on Monday before moving into their new home next week.

However she said they had not received any communication from PPL.

“Moving house is stressful as it is anyway but this added to it is just horrendous,” she said.

“We’re not sleeping. We’re living in a house that’s packed ready to go for next week and we don’t know if we’re going.

“My daughter has been sleeping on the floor because we got rid of her bed. It’s just a nightmare.”

Adam Graver, 24, and his wife Anna, 29, have just returned from their honeymoon and were due to move into their first home together on Monday.

“I tried to log on to the online portal on the Monday and the website wasn’t working and that’s how I found out about the problems,” he said.

“We checked out of our hotel on the Monday and then basically had nowhere to go.

“Luckily we were able to move in with my in-laws, which has been really helpful, but I’m thinking about those that don’t have that option.

Premier Property Lawyers, a subsidiary of My Home Move, said it had reported the security incident to relevant authorities and was “taking steps” to contact clients and partners.

A spokesperson added: “We are working with our third-party cyber specialists to restore systems, find ways to support our clients’ property transactions and undertake a thorough investigation to gain a fuller understanding of the incident.

“The current issues relate to the temporary inability to access some of our IT systems, which has regrettably prevented the completion of some transactions.

“We are working hard to find further solutions and provide all the support we can to our clients and partners at this difficult time.”

An update posted on the My Home Move website on Wednesday said IT systems had been restored and they had “worked through the night” to process the backlog of payments.

It said: “We are working round the clock to restore our normal operations as soon as possible.

“This includes carefully bringing systems online as part of a secure phased approach and finding workarounds to complete transactions safely.

“We are not fully operational in all business areas but are positively resolving the issue and working night and day to get there.”

The Information Commissioner’s Office (ICO) said it had not been made aware of any breach involving the firm.

A spokesperson said: “Organisations must notify the ICO within 72 hours of becoming aware of a personal data breach, unless it does not pose a risk to people’s rights and freedoms.

“If an organisation decides that a breach doesn’t need to be reported they should keep their own record of it, and be able to explain why it wasn’t reported if necessary.”