The IT systems for fixed income provider FIIG Securities have been temporarily disabled amid the firm being subject to a ransomware attack.
In a statement, the company said it is working with the Australian Cyber Security Centre, the Office of the Australian Information Commissioner and relevant government authorities in response to the incident. Additionally, the Australian Federal Police have also been notified.
“We can confirm that FIIG’s IT systems have been subject to a cyber-attack, resulting in unauthorised access and theft of personal information, and the attacker has made a demand for payment of a ransom,” it said.
The firm said its cyber breach response was activated as soon as it become aware a third party illegally access the IT systems, and all client-facing portals have since been taken offline.
“Our systems are not yet fully restored as we execute our cyber security response plan,” FIIG said. “We have engaged cyber security experts to assist us with this as well as taking additional steps to further secure our IT systems. We are sorry for the disruption and concern this incident has caused.”
The company has sought to inform affected individuals with a current email address on file but are still attempting to contact other affected individuals.
“We have partnered with IDCARE, Australia’s national identity and cyber support community service, whose expert case managers will work with individuals addressing concerns in relation to personal information risks and any instances where information may have been misused,” it said.