ASIC hit by cyber attack

27 January 2021

The Australian Securities and Investments Commission (ASIC) has been the subject of a cyber attack which it fears may have resulted in some information around applications for Australian credit licenses being viewed.

The regulator said that while it has not seen evidence of any Australian credit licence, application forms or any attachments having been opened or downloaded it has nonetheless disabled access to the affected server.

It said that the incident related to the Accellion software used by ASIC to transfer files and attachments and involved unauthorised access to a service which contained documents associated with recent Australian credit licence applications.

Related News:

The regulator said it was working on alternative arrangements for submitting credit application attachments which would be implemented shortly and that no other ASIC technology infrastructure had been impacted or breached.

“ASIC is working with Accellion and has notified the relevant agencies as well as impacted parties to respond to and manage the incident,” it said.

“ASIC’s IT team and cyber security advisers engaged by ASIC are undertaking a detailed forensic investigation and working to bring systems back online safely.”

Recommended for you




Hopefully thier cyber insurance should cover cover it? So they have full time IT team plus they need outside cyber advisers as well? How many ASIC staff does it take to tie a shoelace? One to tie it and three external consultants to check it after

So we can expect that ASIC will bring a case against itself for breaching Cyber-Security guidelines?

If this occurred to an AFSL, it would be a Multi-million dollar fine. "Why not sue?"

I trust ASIC will report the data breach, notify all affected applicants, send in a team to have it fixed, name and shame the people who let it happen in the media, reimburse all affected clients $100k each regardless of whether or not their stuff was opened and then bankrupt themselves.

Add new comment