POWERED BY MOMENTUM MEDIA
Iress data breach extends to OneVue, firm says
Iress has said that incident involving the unauthorised access reported this week extends beyond what was initially reported.
In an ASX listing, Iress said it has been investigating unauthorised access to its user space on GitHub, a third-party code repository platform that manages software code.
“In the course of the investigation, it has now been discovered that a credential within Iress’ GitHub user space was stolen and used to gain access to Iress’ OneVue production environment,” the firm said.
While this production environment is isolated to the OneVue businesses – MFA, Platform, and OneVue Super – the OneVue “production environment” contains client data.
Iress said it is investigating the “extent and nature of the data accessed”.
“Investigations have substantially progressed across Iress’ other business lines and at this time we have found no evidence that the remainder of Iress’ production environment, software or client data has otherwise been compromised,” the firm said.
“Iress will continue to keep the market informed as the investigation continues.”
In an ASX announcement on Monday morning, the technology firm said it “detected and contained” an unauthorised access of its user space on GitHub on Saturday.
GitHub is a third-party code repository platform that manages software code before it goes live in production on a separate platform.
At the time, the firm said that “Iress does not store client information on GitHub”.
“There is no evidence that client data has been compromised as a result of this issue. There is also no evidence that Iress’ production or client software has been compromised,” Iress said on Monday.
The circumstances have, however, now changed.
In April, Iress said it sold its platform business to Praemium for an initial $1 million in cash consideration and a further payment of up to an additional $20 million over an 18-month period as milestones are met.
At the time, Iress said an 18-month migration process will follow to move OneVue clients to the Praemium platform technology.
Recommended for you
The Australian Prudential Regulation Authority (APRA) has modified the additional licence conditions imposed on the trustee.
AFCA’s chief executive urged member firms to up their internal dispute resolution processes in order to cut down on costs owed to the authority.
ASFA’s CEO called Joe Longo’s comments on super “unfounded and unfair”, after the ASIC chair said fund trustees don’t always “know their business”.
Less than a month after being ordered to pay $27 million for failing to merge duplicate member accounts, Australia’s biggest super fund is again the target of a suit launched by the corporate regulator.
TOP PERFORMING FUNDS
ACS FIXED INT - AUSTRALIA/GLOBAL BOND
Fund name
3y(%)pa
1
Global X GlobalX FANG+ ETF
33.51 3 y p.a(%)
2
Spire Oaktree Opportunities XI Second Close
32.68 3 y p.a(%)
3
DomaCom Lot 21 Chellaston Road Munno Para West SA 5115 Australia
31.62 3 y p.a(%)
4
Spire Oaktree Opportunities XI First Close USD
31.36 3 y p.a(%)
5
Fidante Credit Suisse Global Private Equity
29.60 3 y p.a(%)
