Twice very recently we have come across separate cases where agents have inadvertently – but seriously – breached data protection by uploading personal information on to Rightmove.
In both cases, anyone seeking identity fraud would have been provided with invaluable information.
In the first instance, a hybrid agent had uploaded a jpeg of someone’s driving licence – presumably provided as evidence of ID, and complete with name, photo and signature of the holder – in the place where the agent should have uploaded the property’s EPC.
In the second and possibly more serious instance which we were told about yesterday, a national upmarket brand had uploaded an interactive downloadable pdf showing its contract with the sellers of a £1.4m house.
The document was uploaded where you would expect to see the ‘brochure’.
The two-sided document gives details of the couple selling the property, their passports and driving licences, signatures, full address, dates of birth – and even the fee they would pay the agent.
Because of data protection, EYE is not going to give details of either of the agents concerned or provide the links on Rightmove.
We have told both agents concerned of the potential breaches, and both yesterday took action to rectify their respective situations. Both were also grateful to us for the alert.
It also gives us take the opportunity to flag up to all agents the need for great care and scrutiny when uploading property details.
Last night, a Rightmove spokesperson said: “On the very rare occasion that this happens we work with the agent to remove the image or details from the site as soon as possible.”