Keller Williams Realty, Inc.

In May 2017, Keller Williams Realty, Inc. experienced a data breach due to unauthorized access to its systems between May 6 and May 10. The incident was reported by the Washington State Office of the Attorney General on July 18, 2017. The breach compromised sensitive personal information of **9,425 individuals**, including **names, Social Security numbers, and potentially other personal data**. The unauthorized access exposed highly confidential details, posing significant risks such as identity theft, financial fraud, and long-term reputational harm to affected individuals. Given the nature of the stolen data—particularly Social Security numbers—the breach had severe implications for the victims, requiring immediate mitigation measures like credit monitoring and identity protection services. The incident underscored vulnerabilities in Keller Williams’ cybersecurity defenses, raising concerns about the company’s ability to safeguard customer data. While the exact method of the breach (e.g., phishing, system exploitation) was not detailed, the exposure of such critical information classified the event as a high-severity data leak with lasting consequences for both the company and the impacted individuals.

Source: https://www.atg.wa.gov/data-breach-notifications | https://data.wa.gov/resource/sb4j-ca4h.json?id=9725

TPRM report: https://www.rankiteo.com/company/keller-williams-realty-llc

"id": "kel020091825",
"linkid": "keller-williams-realty-llc",
"type": "Breach",
"date": "5/2017",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 9425,
                        'industry': 'Real Estate',
                        'location': 'United States (Washington State)',
                        'name': 'Keller Williams Realty, Inc.',
                        'type': 'Real Estate Company'}],
 'attack_vector': 'Unauthorized Access',
 'data_breach': {'data_exfiltration': 'Likely (unauthorized access implies '
                                      'exfiltration)',
                 'number_of_records_exposed': 9425,
                 'personally_identifiable_information': ['Names',
                                                         'Social Security '
                                                         'Numbers'],
                 'sensitivity_of_data': 'High (includes SSNs)',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information (PII)']},
 'date_publicly_disclosed': '2017-07-18',
 'description': 'The Washington State Office of the Attorney General reported '
                'a data breach involving Keller Williams Realty, Inc. on July '
                '18, 2017. The breach occurred between May 6 and May 10, 2017, '
                'due to unauthorized access, affecting 9,425 individuals and '
                'compromising their names, Social Security numbers, and '
                'potentially other personal information.',
 'impact': {'data_compromised': ['Names',
                                 'Social Security Numbers',
                                 'Potentially other personal information'],
            'identity_theft_risk': 'High (SSNs compromised)'},
 'references': [{'source': 'Washington State Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': 'Washington State '
                                                       'Office of the Attorney '
                                                       'General'},
 'response': {'communication_strategy': 'Public disclosure via Washington '
                                        'State Office of the Attorney General'},
 'title': 'Keller Williams Realty, Inc. Data Breach (2017)',
 'type': 'Data Breach'}