Canadian Real Estate Company is under a Ransomware Attack

A Calgary-based real estate and property management company has been hit with a ransomware attack, losing some of its confidential data.


Ronmor Holdings confirmed that they had suffered the malware attack in late September.

“I can confirm that in late September, we learned that Ronmor was the victim of a ransomware attack on our systems and company network,” said Dallas Wingerak, CEO of Ronmor Holdings, in an email statement. “We immediately launched a comprehensive group of third-party cybersecurity experts to support our efforts.”

The REvil ransomware gang is believed to be behind this attack. The group posted a notice on its data leak site, claiming that it has extracted about 755GB of data from Ronmor’s internal servers.

“While this investigation is still in its early stages, it currently appears that some private and confidential company data was compromised in this attack,” said Wingerak.

“We want to sincerely apologize for any stress, anxiety and inconvenience this has caused to employees, tenants, partners and other stakeholders. We have been working around the clock to ascertain what happened, contain the impact and determine exactly what data may have been stolen.”

The investigation is still ongoing, and the company has assured that they have reached out to their tenants, partners and vendors individually, whose data may have been compromised in the ransomware-leak incident. Wingerak also added that they did not suffer any major loss, and Ronmor’s business operations are “as strong as ever.”

Wingerak did not mention any additional details about the attack, like how it was started or whether the data comprised by the hackers was sensitive in nature. She also didn’t explain how the REvil gang was contacted and whether they considered paying the ransom.

Ransomware attacks are on the rise these days in Canada. The new poll suggests about 17% of Canadian organizations have suffered a ransomware attack last year, out of which 70% of them have paid the ransom to avoid downtime, reputational damage, and other costs.