Australian Financial Regulator Hit by Data Breach

Australian Financial Regulator Hit by Data Breach

Governance & Risk Management , IT Risk Management , Patch Management

Yet Another Incident Tied to Unpatched Flaw in Accellion's File Transfer Appliance John Kindervag • January 27, 2021    

More breach victims are emerging as the result of exploits of an unpatched vulnerability in an aging file transfer system from Palo Alto, California-based Accellion.


See Also: IT Governance is Broken! - 5 Ways Enterprise Organizations Can Fix It


The latest announcement comes from the Australian Securities and Investments Commission, which says it became aware on Jan. 15 of a breach involving Accellion's software, which the agency uses to transfer files and attachments.


Recent credit license applications were accessed without authorization, ASIC says.


"While the investigation is ongoing, it appears that there is some risk that some limited information may have been viewed by the threat actor," ASIC says. "At this time, ASIC has not seen evidence that any Australian credit license application forms or any attachments were opened or downloaded."


ASIC officials couldn't be immediately reached for comment. The Sydney Morning Herald reports that ASIC informed financial institutions about the breach on Monday, 10 days after it knew it had been compromised.


Meanwhile, the Australian Fina ..