SEARCH FINANCIAL SERVICES INFRASTRUCTURE SECURITY SCIENCE INTERVIEWS

 

     

Accellion cyber incident

By Australian Securities and Investments Commission Team

January 28, 2021

On 15 January 2021, the Australian Securities and Investments Commission (ASIC) became aware of a cyber security incident affecting a server used by ASIC.

The incident

This incident is related to Accellion software used by ASIC to transfer files and attachments. It involved unauthorised access to a server which contained documents associated with recent Australian credit licence applications.

While the investigation is ongoing, it appears that there is some risk that some limited information may have been viewed by the threat actor. At this time ASIC has not seen evidence that any Australian credit licence application forms or any attachments were opened or downloaded.

Our response

As a precaution, and to protect information and systems, ASIC has disabled access to the affected server. ASIC is working on alternative arrangements for submitting credit application attachments which will be implemented shortly. No other ASIC technology infrastructure has been impacted or breached.

ASIC is working with Accellion and has notified the relevant agencies as well as impacted parties to respond to and manage the incident.

ASICís IT team and cyber security advisers engaged by ASIC are undertaking a detailed forensic investigation and working to bring systems back online safely.

If you have been impacted

ASIC has written to directly impacted parties. If you require additional information, please email contactus@asic.gov.au.

Terms of Use | Copyright © 2002 - 2021 CONSTITUENTWORKS SM  CORPORATION. All rights reserved. | Privacy Statement