Iress refutes alleged ‘threat actor’ statements over cyber incident
Iress has issued an update denying the validity of “certain statements” made by an alleged threat actor, following a cyber incident last weekend.
In an ASX announcement on 17 May, Iress said it has become aware of “certain statements made today by the alleged threat actor”. The update comes after the technology firm confirmed that the incident involving the unauthorised access, which was detected on 11 May, extends to OneVue.
“The statements made today do not align with the investigations made by Iress to date,” it said.
“Iress refers shareholders to announcements previously made. Investigations are ongoing and we will continue to keep the market informed.”
At the present moment, it is unclear what statements Iress is referring to and the firm has been contacted by Momentum Media for more information.
Momentum Media’s Cyber Daily senior journalist, David Hollingworth, said he is not aware of any threats publicly made in connection to the Iress breach.
On 15 May, Iress said that during its investigation regarding the earlier reported unauthorised access to its user space on GitHub, it discovered that a credential within Iress’ GitHub user space was stolen and used to gain access to the OneVue production environment.
While this production environment is isolated to the OneVue businesses – MFA, Platform and OneVue Super – it contains client data, Iress confirmed.
It added that it is investigating the “extent and nature of the data accessed”.
“Investigations have substantially progressed across Iress’ other business lines and at this time we have found no evidence that the remainder of Iress’ production environment, software or client data has otherwise been compromised,” the firm said.
“Iress will continue to keep the market informed as the investigation continues.”
Recommended for you
Six months after scrapping its planned deal with KKR, Perpetual is yet to make significant headway on the sale of its wealth management division but is focusing on alternatives for product development.
Platinum Asset Management’s NPAT has fallen by 89 per cent in FY25, with the firm confirming that it will be renamed as L1 Group following the expected completion of its merger with L1 Capital.
Statutory NPAT at Pacific Current has almost halved in FY25 to $58.2 million as the result of an investment restructure.
Being able to provide certainty about redemptions is worth fund managers pursuing when targeting the retail market even if it means sacrificing returns, according to Federation Asset Management.
