ASIC hit by cyber attack
The Australian Securities and Investments Commission (ASIC) has been the subject of a cyber attack which it fears may have resulted in some information around applications for Australian credit licenses being viewed.
The regulator said that while it has not seen evidence of any Australian credit licence, application forms or any attachments having been opened or downloaded it has nonetheless disabled access to the affected server.
It said that the incident related to the Accellion software used by ASIC to transfer files and attachments and involved unauthorised access to a service which contained documents associated with recent Australian credit licence applications.
The regulator said it was working on alternative arrangements for submitting credit application attachments which would be implemented shortly and that no other ASIC technology infrastructure had been impacted or breached.
“ASIC is working with Accellion and has notified the relevant agencies as well as impacted parties to respond to and manage the incident,” it said.
“ASIC’s IT team and cyber security advisers engaged by ASIC are undertaking a detailed forensic investigation and working to bring systems back online safely.”
Recommended for you
Financial Services Minister Stephen Jones has shared further details on the second tranche of the Delivering Better Financial Outcomes reforms including modernising best interests duty and reforming Statements of Advice.
The Federal Court has found a company director guilty of operating unregistered managed investment schemes and carrying on a financial services business without holding an AFSL.
The Governance Institute has said ASIC’s governance arrangements are no longer “fit for purpose” in a time when financial markets are quickly innovating and cyber crime becomes a threat.
Compliance professionals working in financial services are facing burnout risk as higher workloads, coupled with the ever-changing regulation, place notable strain on staff.