ASIC experiences four error-caused data breaches since start of 2022

By

Caught up in one third-party breach in the same period.

The Australian Securities and Investments Commission has had four data breaches of its own in the past two years, as well as being caught up in a fifth incident.

ASIC experiences four error-caused data breaches since start of 2022

The number is revealed in a response [pdf] to a senate inquiry, which also briefly describes the nature of the breaches that ASIC experienced.

Only one of the four breaches was notifiable to the Office of the Australia Information Commissioner (OAIC), it said, although it voluntarily reported the others as well.

“There have been four data breaches within ASIC since January 2022; three were caused by internal human error and the fourth through a system mis-configuration issue,” it said.

“Note [that] none of those data breaches within ASIC were the result of a cyber attack.”

ASIC went on to say it had also experienced a fifth breach “as the result of a successful cyber attack against one of its external legal services providers.”

“ASIC worked with the provider to successfully conclude the investigation and resolve the implications of the breach,” it said.

The commission has taken a strong and ongoing interest in the cyber security postures of regulated entities under its gaze.

It recently suggested small businesses could bolster their efforts in this regard.

The commission has also been focused this year on the risk posed by third-parties in the way they handle data and align to the security profiles and standards of their customers.

Prior to 2022, ASIC was a named victim of the hack on file transfer application maker Accellion.

It was also warned of a search history glitch on one of its sites back in 2019.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Macquarie Uni to spend up to $700m on 10-year digital transformation

Macquarie Uni to spend up to $700m on 10-year digital transformation

Nissan A/NZ's outsourced cyber incident call centre breached

Nissan A/NZ's outsourced cyber incident call centre breached

Digital ID bill passes parliament

Digital ID bill passes parliament

Macquarie's banking CISO headed to Endeavour Group

Macquarie's banking CISO headed to Endeavour Group

Log In

  |  Forgot your password?