Realtor.com Hacked Day 4: No Announcement, Users Wait in Silence

Trace Richardson — Sun, 08 Jun 2008 02:22:04 +0000

(Previous Realtor.com coverage – Realtor.com Hacked Day 1 / Realtor.com Hacked Day 2 / Realtor.com Hacked Day 3 )

In an unfortunate turn of events, Realtor.com has failed to acknowledge its website and or servers were breached and has failed to inform users whether or not personal data was compromised. This is disturbing on a number of levels. While the breach may have been as simple as a flawed wordpress plugin or much worse, nobody can know for sure due to Realtor.com’s failure to communicate.

Realtor.com Failure to Communicate Fallout:

It signals to users that they are not valued and builds distrust and disloyalty in users.
Fails to inform users if their data was compromised, on a legal basis, my guess is that users have a right to be informed as such.
Is counterproductive to fostering community.
Shows lack of leadership on the part of Realtor.com team members.
Gives credence to criticism that Realtor.com does not act in members’ best interests.

Common Courtesy. After repeatedly informing Realtor.com that their website had been compromised, they failed to acknowledge our requests and failed to give us any feedback on the situation at hand. Oddly enough, despite their lack of communication with BrokerScience and Realtor.com users, their IP Address, 209.74.96.62, shows up as one of the most frequent visitors in BrokerScience traffic logs.

To be more specific, the IP Address of HomeStore.com shows up. It is not clear whether HomeStore is now considered a parent or partner of Realtor.com or whether it only shows up because the ARIN record has not been updated since 2001. It does, however, serve as a reminder of Realtor.com’s past and may provide a clue to the company culture that exists that would allow such a basic, preventable and unheard of gaffe to occur.

BrokerScience IP Address Traffic Log



NetRange:   209.74.96.0 - 209.74.127.255

OrgName:    Homestore.com, Inc
OrgID:      HOMEST-7
Address:    30700 Russell Ranch Rd
City:       Westlake Village
StateProv:  CA
PostalCode: 91362
Country:    US

Realtor.com Blog Hacked Day 2: Google Delisting on the Horizon

Trace Richardson — Thu, 05 Jun 2008 19:58:53 +0000

For the second day in a row, Realtor.com has failed to secure their website after it was hacked as we reported yesterday. Their failure to secure Realtor.com can have many implications, depending on how badly the site has been compromised. These range from the possible exposure of user’s personal data to the very real possibility that the site will be de-listed from Google very soon (Google does this to protect webmasters once they see a site has been compromised). Note that you will not see the spam links unless you view the direct source code or read the blog through an RSS reader.

Since the Realtor.com blog is actually located on a sub-domain at talk.realtor.com, my suspicion is that this could also lead to adverse effects or de-listing by Google of the primary domain of Realtor.com. I pinged Aaron Wall of SEOBook.com and Rand Fishkin of SEOMOZ.org and they concurred that issues with the sub-domain could indirectly affect the primary domain of Realtor.com

I also just noticed they DO have a contact page link if you look hard enough that I didn’t see yesterday before I emailed one of their bloggers yesterday…. let’s see if a quick email changes the situation.

The Real Question. Am I the ONLY person that gets the Realtor.com Blog FEED? Does not one employee of the NAR / Realtor.com team read their own blog / feed? I’m just saying…….

Sample of Spam Links Injected into Code (Click image below for full view)

Follow Up: Realtor.com Hacked Day 3

BrokerScience Mortgage Marketing Blog » hacked

Realtor.com Hacked Day 4: No Announcement, Users Wait in Silence

Realtor.com Blog Hacked Day 2: Google Delisting on the Horizon