2024-05-07 BRANDYWINE OPERATING PARTNERSHIP, L.P. Cybersecurity Incident

Page last updated on July 16, 2024

BRANDYWINE OPERATING PARTNERSHIP, L.P. initially disclosed a cybersecurity incident in an SEC 8-K filing on 2024-05-07 16:18:05 EDT.

Incident Details

Material: Unknown
Is Breach: TRUE
Records Compromised: Unknown
Data Types Impacted: No Data Types Tracked (yet)

Compromised Date:
Detected Date: 2024-05-01
Disclosure Date: 2024-05-07
Contained Date: 2024-05-07
Recovered Date: 2024-05-28

Attack Goal: Unknown

Costs: No Costs Tracked (yet)

Filings

8-K filed on 2024-05-07

BRANDYWINE OPERATING PARTNERSHIP, L.P. filed an 8-K at 2024-05-07 16:18:05 EDT
Accession Number: 0001193125-24-133132

Item 1.05 Material Cybersecurity Incidents.

On May 1, 2024, Brandywine Realty Trust (the “Company”) detected what was determined to be a cybersecurity incident, whereby a third party gained unauthorized access to portions of its information technology (“IT”) environment. Upon detecting the unauthorized occurrences, the Company promptly initiated its previously established response protocols and began taking steps to contain, assess and remediate the incident, including beginning an investigation with leading external cybersecurity experts, activating its incident response plan, shutting down some systems and notifying law enforcement. The cybersecurity incident consisted of unauthorized access and deployment of encryption by a third party to a portion of the Company’s internal corporate IT systems. The incident caused disruptions to, and limitation of access to, portions of the Company’s business applications supporting aspects of the Company’s operations and corporate functions, including financial and operating reporting systems. Based on the information reviewed to date, the Company believes the unauthorized activity has been contained and is working diligently to bring the impacted portions of its IT systems back online. Although the Company ascertained that certain files were exfiltrated, it is still investigating the extent of any sensitive information contained within the accessed IT systems, including any personal information. The Company is evaluating what, if any, regulatory and legal notifications are required as a result of this incident and will issue such notifications based on its findings.

As the investigation of the incident is ongoing, the full scope, nature and impact of the incident are not yet known. The Company’s real estate operations have continued throughout this matter in all material respects and, as of the date of this filing, the incident has not otherwise had a material impact on the Company’s operations. As of the date of this filing, the Company does not believe the incident is reasonably likely to materially impact the Company’s financial condition or results of operations.

8-K/A filed on 2024-05-28

BRANDYWINE OPERATING PARTNERSHIP, L.P. filed a 8-K/A at 2024-05-28 07:42:06 EDT
Accession Number: 0001193125-24-147625

Explanatory Note.

This Current Report on Form 8-K/A (this “Amendment”) amends the Current Report on Form 8-K previously filed by Brandywine Realty Trust and Brandywine Operating Partnership, L.P. (collectively, the “Company”) with the Securities and Exchange Commission on May 7, 2024 (the “Original Report”). The Company is filing this Amendment in order to provide supplemental information under Item 1.05 regarding the cybersecurity incident disclosed by the Company in Item 1.05 of the Original Report (the “cybersecurity incident”). Except as expressly set forth herein, this Amendment does not amend the Original Report. This Amendment supplements, and should be read in conjunction with, Item 1.05 of the Original Report.

Item 1.05 Material Cybersecurity Incidents.

As disclosed in the Original Report, on May 1, 2024, the Company detected unauthorized occurrences by a third party on portions of the Company’s information technology (“IT”) systems. Upon detecting the unauthorized occurrences, the Company promptly initiated its previously established response protocols and began taking steps to contain, assess and remediate the cybersecurity incident, including beginning an investigation with leading external cybersecurity experts, activating its incident response plan, shutting down portions of the IT systems and notifying law enforcement.

The detected occurrences consisted of the third party’s unauthorized access to, and deployment of encryption to, a portion of the Company’s internal corporate IT systems and the exfiltration of certain files, including files containing personal information. The cybersecurity incident caused disruptions, and limitation of access, to portions of the Company’s business applications supporting aspects of the Company’s operations and corporate functions, including financial and operating reporting systems. The Company’s real estate operations have continued throughout the period since the detection of the cybersecurity incident in all material respects.

As a result of the Company’s remediation and other activities, as of the date this Amendment, the Company believes that (i) the third party has been removed from the Company’s IT systems, (ii) the Company’s access to the affected information has been restored and (iii) the procedures performed have confirmed the completeness and integrity of the impacted information.

The Company’s investigation of the cybersecurity incident, including the Company’s assessment of the scope of personal information included in the exfiltrated information, remains ongoing. The Company intends to provide required notifications to affected and potentially affected parties and to regulatory agencies.

As part of its remediation activities, the Company is evaluating additional procedures and software to strengthen its surveillance of cybersecurity threats and to prevent unauthorized occurrences on or conducted through its IT systems and to strengthen its information backup systems. The Company currently expects that a substantial portion of its direct costs incurred relating to containing, investigating and remediating the cybersecurity incident will be reimbursed through insurance recoveries. As of the date of this Amendment, the cybersecurity incident has not had a material impact on the Company’s financial condition or results of operations, and the Company does not believe the cybersecurity incident is reasonably likely to materially impact the Company’s financial condition or results of operations.

Company Information