FIIG Securities, Australia’s largest fixed income specialist with over 6,000 investors and $5 billion of funds under advice, has fallen victim to a cyber attack after an unauthorized third party successfully breached its IT systems.
ALPHV/Black Cat, a notorious ransomware group, has claimed responsibility for the cyber attack on FIIG Securities. In a post on the dark web, the threat actor revealed that they had stolen around 385 GB of data from FIIG Securities’ main server.
ALPHV further warned the company, stating that they had three days to establish contact and make decisions regarding the consequences of this “pity mistake” committed by the company’s IT department.
The Australian authorities have promptly responded to the FIIG Securities breach, initiating its cyber response strategy in collaboration with expert third-party cybersecurity professionals and isolating the affected systems.
Explaining the cyber attack on FIIG Securities
The cyber attack on FIIG Securities resulted in a massive data breach, encompassing a wide range of sensitive information, including employees’ personal data such as CVs, driver’s licenses, identification documents, Social Security numbers, financial reports, accounting data, loan data, insurance records, and agreements.
The compromised database also contains clients’ documentation, including driver’s licenses, identification documents, Social Security numbers, financial data, credit card information, loan data, agreements, and other confidential details. The breach includes project files, plans, and other commercially sensitive information.
FIIG Securities, a trusted name in the financial services sector since 1998, manages an impressive $5 billion in funds and boasts a clientele of 6,000 private individuals. With offices in Melbourne, Sydney, Brisbane, and Perth, the company employs over 100 dedicated professionals.
In response to the cyber attack on FIIG Securities, a spokesperson for FIIG Securities emphasized the firm’s proactive approach in partnership with relevant authorities to ensure compliance with all necessary requirements and to safeguard the security and privacy of the compromised data.
The spokesperson stressed that data protection remains their utmost priority, and they are taking the incident very seriously, reported Australian Broadcasting Corporation, reported.
Efforts are underway to promptly notify all stakeholders about the breach, demonstrating FIIG’s commitment to responsible data management.
Increasing targeted attacks on the financial sector
In recent years, the financial service sector has consistently remained a prime target for cyber attacks within the industry.
According to a report by Imperva, these attacks have witnessed a notable surge, with malicious actors setting their sights on the sector for various reasons including the potential for substantial financial gains, access to critical data, and valuable information that can be resold.
Furthermore, as connectivity and technological advancements continue to evolve, the threat landscape has expanded, amplifying the sector’s vulnerability to such attacks.
Given the frequency of security compromises resulting from errors and mistakes, it is imperative to adopt measures to protect against such incidents.
Whether occurring within the confines of an office or remotely, the involvement of employees and contractors in malicious activities represents a significant security risk.
Organizations must enhance their processes, cultivate the necessary expertise among personnel, and invest in advanced technologies as integral components of their defense strategy. Inculcating cyber awareness through training programs for end users and the entire team will also effectively foster robust cyber practices.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.