Australia’s financial services watchdog has suffered a cybersecurity breach forcing it to halt credit applications.
The Australian Securities and Investments Commission (ASIC) became aware of the incident on Jan. 15 when unauthorised access to a server containing documents related to credit license applications occured.
“While the investigation is ongoing, it appears that there is some risk that some limited information may have been viewed by the threat actor,” the regulatory body said in a statement.
“At this time ASIC has not seen evidence that any Australian credit licence application forms or any attachments were opened or downloaded,” it continued.
ASIC assured the public the server was disabled and no other infrastructure was breached.
The incident is related to ASIC’s use of software from California-based software company Accellion. The same software is also used by the New Zealand Reserve Bank, which suffered a cyber attack earlier this month.
“We have been advised by the third-party provider that this wasn’t a specific attack on the Reserve Bank, and other users of the file-sharing application were also compromised,” Reserve Bank Governor Adrian Orr said in response to the attack.
Accellion became aware of a vulnerability in its FTA software in mid-December and said it had resolved the problem.
The company has not responded to the most recent security breach, but is working with ASIC to manage the incident.
The Australian government made concerted efforts last year to raise public awareness around cybersecurity threats, and urged businesses and public bodies to ramp up protection online.
Prime Minister Scott Morrison also pledged AU$1.67 billion to support a ten-year cybersecurity strategy to protect the nation’s critical infrastructure.
A report revealed cyberattacks are costing the nation approximately $29 billion per year.