Brandywine Realty Trust, a significant U.S. real estate investment trust, has confirmed a disruption to its operations due to a ransomware attack detected on May 1, 2024.
The cyber incident involved unauthorized access and encryption of parts of the company’s internal IT systems, leading to operational disruptions and data theft.
The attack was identified when unusual activity was detected in the company’s IT environment.
Brandywine Realty Trust quickly activated its incident response protocols, which included shutting down specific systems to contain the breach and initiating a thorough investigation with the help of external cybersecurity experts.
Law enforcement was notified as part of the response effort.
Free Webinar : Live API Attack Simulation
94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise:
Key Takeaways:
- An exploit of OWASP API Top 10 vulnerability
- A brute force ATO (Account Takeover) attack on API
- A DDoS attack on an API
- Positive security model automation to prevent API attacks
Start protecting your APIs from hackers
Impact on Operations
According to US government reports, the ransomware attack primarily affected the company’s business applications that support various corporate functions, including financial and operating reporting systems.
Despite these challenges, Brandywine Realty Trust has stated that the incident has not had a material impact on its real estate operations, which have continued without significant interruption.
While the company has managed to contain the unauthorized activity, it confirmed that specific files were exfiltrated during the attack.
The extent of sensitive information involved, including personal data, is still under investigation. Brandywine Realty Trust is in the process of determining the regulatory and legal notifications required for this breach.
In a cautionary note, Brandywine Realty Trust has highlighted that the ongoing investigation may reveal additional details about the extent of the cybersecurity incident.
On-Demand Webinar to Secure the Top 3 SME Attack Vectors: Watch for Free.
The company is focused on assessing and remedying the situation and ensuring continuity of service to its tenants.
However, concerns about potential legal, reputational, and financial risks arise from this incident, including the possibility of claims or regulatory proceedings.
Board Resignation
In a related development, Terri A. Herubin, a member of the company’s Board of Trustees since 2018, has announced her resignation effective May 31, 2024, due to new employment obligations that prevent her from serving on the board of a publicly traded company.
Her decision is not related to the recent cybersecurity incident.
Brandywine Realty Trust is taking significant steps to mitigate the impact of this cyberattack and enhance its security measures to prevent future incidents.
The attack’s full scope and long-term effects are still being evaluated as the investigation continues.
The real estate giant’s experience adds to the growing list of high-profile ransomware attacks targeting major corporations across various sectors, underscoring the critical need for robust cybersecurity strategies in today’s digital age.
Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide