In fact, she said, such hacks are an extension of issues that hit several law firms last year, when hackers access the email systems of at least two Queensland-based firms to alter banking details within email correspondence to divert funds elsewhere.

What this highlights, she posited, is the need for platforms that service law firms and conveyancers to be secure by design.

“Service providers such as PEXA should build robust security into their platforms from the ground up and continue to be vigilant to new security threats and techniques,” she said.

“Those using [these] service providers should maintain the security of their login details and passwords, put checks and balances in place so they do not solely rely on details stored by service providers and conduct routine risk assessments on service providers.”

“The lesson from all of this is to check all details of a transaction before committing to the transaction, remain vigilant and use a unique password for each account and re-set passwords often,” she continued.

Often, individuals will not know that their accounts have been compromised and thus are not on notice to reset their passwords, Ms Murdoch warned.

But notifications of data breaches under the new data breach notification laws should assist in the identification of account or login credentials being compromised.

VIEW ALL

Despite this, conveyancers and lawyers using e-conveyancing systems should not just sit back and expect PEXA and other providers to fix any shortfalls within the conveyancer’s own systems.

“While security of the PEXA platform is being improved, the conveyancer should also ensure their systems are safe and secure, and this means more rigorous attention to passwords and the protocols surrounding them,” she concluded.