PEXA responds to hack claims
Property Exchange Australia (PEXA) has been criticised for apparent data breaches.
PEXA is a privately-owned company that runs the new electronic transfer system for exchanging property.
The Australian Government is part way through replacing the 150-year-old Torrens title paper system with electronic certificates provided by PEXA.
But two incidents reported in recent media have left some questioning whether the private company can handle its new job.
Hackers reportedly stole $250,000 in one case and over $1 million in another, after breaking into PEXA’s systems and swapping out bank details in the seconds before transactions were lodged.
The PEXA system becomes mandatory for standalone property transactions in NSW next week and all transactions in Victoria this October.
It is being rolled out after the sale of Land Titles Offices in both states.
PEXA initially denied liability for the loss.
“The Pexa platform was not hacked. Practitioners' email accounts were hacked,” acting chief executive James Ruddock said.
“It's important to note that funds cannot be misdirected unless the practitioner physically signs off on the fraudulent account details using the bespoke digital certificate and accompanying password,” he said.
After one high-profile victim spoke to media outlets, PEXA offered a loan for the outstanding money.
But the loan came with some strict conditions, including that the couple involved would have to pay it back regardless of a pending cybercrime insurance claim, and prevented them from criticising PEXA.
“[We] would expect that they not disparage Pexa to the media, but confirm in any discussions with the media that Pexa has been proactive in assisting to resolve this matter,” the group's legal counsel wrote to the couple.
PEXA has since agreed to pay out the victims unconditionally.
Still, lawyers and conveyancing agencies nationwide are beginning to complain about being forced onto the online platform.