Security News > 2021 > January > Australian securities regulator discloses security breach
The Australian Securities and Investments Commission has revealed that one of its servers has been accessed by an unknown threat actor following a security breach.
ASIC is an independent Australian government commission tasked with the regulation of insurance, securities, and financial services, as well with consumer protection as Australia's national corporate regulator.
In response to the security breach, ASIC has disabled access to the impacted server and is working on providing an alternative credit application submission channel.
The Australian securities regulator is working on bringing the impacted systems back online and on a forensic investigation of the attack with the help of external cybersecurity experts.
The New Zealand Reserve Bank also disclosed earlier this month that they suffered a data breach after an attacker compromised a file sharing service containing sensitive data, powered by Accellion's FTA. This is a legacy service deployed on-premise to allow users to share large and sensitive files with external recipients securely.
According to BleepingComputer's cybersecurity industry sources, Accellion released the patch on December 24th, and the Reserve Bank of New Zealand suffered the breach on December 25th. Even though Accellion still provides support for the legacy FTA service, it has also been urging customers to migrate to the new Kiteworks platform since at least December 2019.