Hackers have published close to 10,000 records comprised of usernames, foxtons.co.uk email addresses and passwords apparently belonging to customers of Foxtons, the popular British estate agency.
It’s uncertain at this time who leaked the information and if it really comes from Foxtons.co.uk as the poster claims. However, it’s worth noting that the data leak is labeled “part 1,” which might indicate that the attacker is in the possession of more customer credentials.
Most of the passwords are partially redacted, but they’re in clear text and a large number of them are easy to guess.
I’ve reached out to Foxtons hoping they can confirm or deny if the data is genuine. In the meantime, if you’re a Foxtons customer, it’s recommended that you change your password as a precaution.
If you use the same password on multiple websites, change it on all of them.
Note. I’m not providing a link to the data leak since most of the passwords are easy to guess.
Update. Foxton hasn't responded to my inquiry, but the company has sent out emails to customers. More details here.