In July 2025, a prominent NYC property management firm was tricked into wiring nearly $19 million to fraudsters after receiving a phishing email disguised as official communication from the Battery Park City Authority (The Real Deal). It was one of the largest cyber scams to ever hit New York real estate, and it highlighted how vulnerable buildings can be when management companies don’t have strong protections in place.
Property management companies handle some of the most sensitive information imaginable: resident details, bank accounts, vendor contracts, even building plans. When that data is exposed or compromised, the fallout can be financial, legal, and reputational.
At Daisy, we treat cybersecurity as core infrastructure — just as critical as boilers, roofs, or elevators. Here’s why it matters and how we safeguard your building’s data.
The overlooked risk in property management
Most boards think about physical risks, like water damage or Local Law compliance, long before they think about digital ones. But hackers increasingly target real estate and management companies because they know the systems often lag behind.
Think about the data your management company holds:
- Resident names, addresses, and contact information
- Bank account details for charges and vendor payments
- Vendor contracts with financial terms
- Architectural and engineering plans for your building
That’s a lot of valuable information. If it’s not protected, it puts both the building and its residents at risk.
Why boards should take notice now
The $19M phishing scam wasn’t an outlier. Phishing, ransomware, and email compromises are becoming more common in real estate. And smaller management firms often rely on outdated systems that make them easy targets.
For boards, cybersecurity isn’t a tech detail. It’s part of your fiduciary duty. Protecting the building means protecting its financial and resident data, not just its physical assets. A breach can trigger lawsuits, insurance claims, and expensive recovery costs that fall squarely on the community.
How Daisy safeguards your building’s data
We’ve built multiple layers of defense to keep your building’s information secure. That includes:
- Employee awareness training. Most breaches start with human error — a link clicked or password reused. Ongoing training helps our team spot and stop threats.
- Advanced email security. Our system automatically flags emails that may contain malware or phishing attempts, reducing the chance that a bad link ever gets clicked.
- Encrypted, secure database. Building and resident data is encrypted and stored in secure systems, not in spreadsheets or emails. Even if intercepted, the data can’t be read.
- Two-factor authentication. All access to confidential data requires two-step verification, making it much harder for attackers to break in.
- 24/7 security monitoring. A dedicated security team monitors activity around the clock, so threats can be flagged and contained quickly.
What this means for your board and residents
Strong cybersecurity translates into real-world benefits:
- Peace of mind. Residents can trust their financial and personal data is being handled safely.
- Reduced liability. Proactive safeguards lower the chance of lawsuits, regulatory fines, or insurance battles.
- Better governance. Boards that prioritize digital security are fulfilling their fiduciary responsibilities in today’s world.
Related: Understanding condo & co-op insurance for new board members
The takeaway
Cybersecurity isn’t optional anymore. Just as boards budget for façade inspections or boiler maintenance, they need to make sure their management company is investing in protecting sensitive digital assets.
The $19M scam this summer showed how quickly things can unravel when systems and training aren’t in place. At Daisy, we’ve made security part of our DNA, because protecting your building means safeguarding both its physical and digital foundations.
