The Australian Securities and Investments Commission (ASIC) has revealed that it was the victim of a cyber security breach of a server it used to transfer files. The compromised data includes information about credit licence applications, some of which may have been viewed. ASIC said it became aware of the attack on January 15th, though it does not appear that the credit licence attachments or forms were downloaded. The corporate regulator said in a notice that the incident is related to Accellion software that ASIC used to transfer files and attachments. It involved unauthorised access to a server that held documents associated with Australian credit licence applications.
More about the ASIC cyber attack
ASIC said that its investigation into the details of the hack is still under way. The regulator subsequently disabled access to the exposed server and is working on alternative arrangements for the submission of credit applications, which it said would be implemented shortly. It also confirmed that no other technology or infrastructure has been breached or impacted. ASIC said in a statement that it is working with Accellion, the California-based private cloud solutions provider.
The statement also said that ASIC has notified other relevant agencies and impacted parties so that they can manage and respond to the incident accordingly. ASIC's IT team and cyber security advisers are currently performing a detailed forensic investigation while working towards bringing systems safely back online, it added.
Other organizations affected by the Accellion hack
Earlier in January 2020, the Reserve Bank of New Zealand suffered a cyber breach that turned out to be a hack of enterprise data protection provider Accellion. Accellion's File Transfer Appliance (FTA), which is used to store and share sensitive data, was compromised and accessed illegally. The Australian Cyber Security Centre (ACSC) had warned that Australian organisations may also have been impacted by the Accellion File Transfer Appliance vulnerability.
In an alert published on January 19th, the ACSC said that since January 12th it has been working with its cybersecurity partners to assist Australian organisations with respect to an SQL injection exposure in the FTA. If exploited, the vulnerability might give attackers access to content stored by, and accessible to, the FTA.
The ACSC advised organisations affected by the Accellion FTA cyber attack to temporarily isolate systems hosting the FTA software, or block internet access to and from them. It also advised organisations to follow Accellion's advice and apply security patches as early as possible. In addition, organisations are advised to audit FTA user accounts for any noticeable changes and to consider a password reset for FTA users.