on 27-06-2018 04:01 PM
I'm just curious to hear everyone's opinions on this.
I personally don't think PEXA should be so publicly crucified for something that could happen to any electronic transaction including banking in general, besides, I also think the conveyancer should take some of the blame because the hack was made through their server/system. It's not just on PEXA's head.
on 28-06-2018 12:31 AM
Appears to be an unfortunate circumstance that obviously has brand/reputation issues, prompting the recent "guarantee" from PEXA to ensure practitioners are comfortable and able to deal with backlash... personally I do not have an issue with how PEXA have dealt with the issue recently.
28-06-2018 08:15 AM - edited 28-06-2018 08:23 AM
I hate the way the media put a spin on events to make it more newsworthy. Obviously the Conveyancer was not diligent in signing off the settlement schedule but there are and have been enhancements made to the platform to compensate for the "human" factor. In the current circumstances - being still early days for PEXA and with the IPO looming, I think PEXA should have compensated the people firstly to be seen to do the morally right thing (but not admitting liability) and then sorted out the legalities with the Conveyancer. Kudos to the CBA for recouping a large percentage of the missing money.
I'm still curious as to how the Conveyancer's new password was obtained and used, and he hadn't noticed. Does the system not get you (or the hacker) to choose a new password.
The Consumer Guarantee is a great initiative. I also like the new section to the Document Signing page - keep up the great work PEXA.
on 28-06-2018 10:09 AM
I agree that any password re-set should have a prompt to create an new one on the first login. I also think that the Conveyancer in this instance needs to take responsibility for not checking all details prior to sign off. Unfortunately hacking and cyber crime are common place in today's society and no one is immune. I would suggest a notification can be created in PEXA to alert the user when an account detail is changed at any time after the original input.
The media on this story has been very one sided and I have seen an anti-PEXA sentiment on my social media.
I would like to add though, I was disappointed to only learn about this story through a worried client. I think PEXA should have emailed all users to advise what had happened and give a timely reminder to check all account details prior to sign off (especially if there had been a resent password reset).