A cyberattack last week has taken down dozens of MLSs nationwide, with no timeline for a resolution and no clear indication of whether personal information or data was compromised.
Rapattoni MLS posted on its Facebook page Saturday that they “do not have an ETA at this time” for restoring services. The attack appears to be preventing any access or use of the MLS, including basic functions like updating listings, and has shut down systems since at least last Thursday.
A message sent to Rapattoni CEO Niki Rapattoni seeking more information was not immediately returned.
The company, which serves mostly smaller REALTOR® associations and MLSs, has been in business since 1970 and claims to have created one of the first internet-based MLSs.
The extended outage, which was still ongoing as of Monday morning, appeared to be causing chaos for thousands of real estate professionals, as local associations scrambled to find workarounds.
The Bakersfield Association of REALTORS® in Bakersfield, California, had resorted to adding new listings to a spreadsheet, and emailing updates to members every two hours, according to their website. The San Francisco Association of REALTORS® (SFAR) in San Francisco, California, directed members to use Zenlist and realtor.com® to make “very limited scope changes” to listings while Rapattoni service was restored.
SFAR also explicitly suspended the clear cooperation policy during the outage, allowing members to market properties without putting the listing on an MLS, and added an additional two days to submit listings following restoration of the service.
Other associations posted updates over the weekend saying they had no new information and urging members to stay tuned to official channels for updates.
It was unclear exactly what precipitated the attack, or what the goals of the attackers were, though several local media outlets in the San Francisco Bay area (where Rapattoni is located) described it as a ransomware attack—where criminals take control over systems and databases, and refuse to restore them unless they receive a payment.
These types of attackers target many different entities, from local school districts to major interstate fuel pipelines. Criminals are able to withhold access to systems indefinitely, or delete data if their demands are not met.
One other frightening possibility is that personal data or financial information could be accessed by the attackers—something that agents and brokers on social media worried about over the weekend, although there was no indication so far that this had occurred.
Ransomware attacks are on the rise, according to Wired, with companies paying out almost $450 million to cybercriminals just in the first half of this year.
This is a developing story. RISMedia will have updates as they become available.