POWERED BY MOMENTUM MEDIA
Iress data breach extends to OneVue, firm says
Iress has said that incident involving the unauthorised access reported this week extends beyond what was initially reported.
In an ASX listing, Iress said it has been investigating unauthorised access to its user space on GitHub, a third-party code repository platform that manages software code.
“In the course of the investigation, it has now been discovered that a credential within Iress’ GitHub user space was stolen and used to gain access to Iress’ OneVue production environment,” the firm said.
While this production environment is isolated to the OneVue businesses – MFA, Platform, and OneVue Super – the OneVue “production environment” contains client data.
Iress said it is investigating the “extent and nature of the data accessed”.
“Investigations have substantially progressed across Iress’ other business lines and at this time we have found no evidence that the remainder of Iress’ production environment, software or client data has otherwise been compromised,” the firm said.
“Iress will continue to keep the market informed as the investigation continues.”
In an ASX announcement on Monday morning, the technology firm said it “detected and contained” an unauthorised access of its user space on GitHub on Saturday.
GitHub is a third-party code repository platform that manages software code before it goes live in production on a separate platform.
At the time, the firm said that “Iress does not store client information on GitHub”.
“There is no evidence that client data has been compromised as a result of this issue. There is also no evidence that Iress’ production or client software has been compromised,” Iress said on Monday.
The circumstances have, however, now changed.
In April, Iress said it sold its platform business to Praemium for an initial $1 million in cash consideration and a further payment of up to an additional $20 million over an 18-month period as milestones are met.
At the time, Iress said an 18-month migration process will follow to move OneVue clients to the Praemium platform technology.
Recommended for you
Australia’s corporate regulator has been told it must quickly modernise its oversight of private markets, after being caught off guard by the complexity, size, and opacity of the asset class now dominating institutional portfolios.
ASIC chair Joe Longo has delivered a blunt warning to superannuation trustees, cautioning that board-level ignorance of member complaints and internal failings will not be tolerated and could trigger enforcement action.
ART has cautioned regulators against imposing overlapping obligations on superannuation funds already operating under APRA’s comprehensive framework, saying that additional oversight should be “carefully targeted to address potential gaps in other parts of the market”.
The super fund has appointed Simone Van Veen as chief member officer.
TOP PERFORMING FUNDS
ACS FIXED INT - AUSTRALIA/GLOBAL BOND
Fund name
3y(%)pa
1
DomaCom DFS Mortgage
92.15 3 y p.a(%)
2
Global X 21Shares Bitcoin ETF
53.24 3 y p.a(%)
3
Global X GlobalX FANG+ ETF
43.15 3 y p.a(%)
4
DomaCom Shoreline North Coogee
36.26 3 y p.a(%)
5
GAM LSA Private Shares AU I
35.87 3 y p.a(%)
