After reporting a breach on its GitHub account, Iress has since discovered that a credential was stolen and used to gain access to Iress’ OneVue production environment.
Iress informed the ASX on Monday that it’s user space on GitHub had been breached and had since been working on improving security measures.
A further update on Wednesday morning said this production environment breach is isolated to OneVue businesses – managed funds administration, platform and OneVue Super.
The OneVue production environment contains client data and the extent and nature of the data accessed is being investigated still.
Investigations have progressed across Iress’ other business lines and at this time it not found evidence that the remainder of Iress’ production environment, software or client data has otherwise been compromised.