After a cyberattack, TechnologyOne halted trading.
The Brisbane-based software maker reported that “an unauthorized third-party acted illegally to access its internal Microsoft 365 back-office system” in a stock exchange filing on Wednesday.
TechnologyOne said its customer-facing platform is not connected to the affected Microsoft 365 system and “therefore has not been impacted,” but when reached, the company would not say if any customer or employee data was accessed.
Other questions were not answered by Brendan Altadonna, TechnologyOne’s third-party PR representative. After its investigation, Altadonna will provide more details.
What happened is unknown.
Emsisoft threat analyst Brett Callow told that TechnologyOne may have been hit by ransomware, though details are scarce. “Statistically speaking, the most likely explanations are either a ransomware attack or the systems being proactively taken offline to prevent one after the detection of an intrusion,” Callow said.
No ransomware group has claimed the cyberattack. Ransomware actors often publish stolen data to extort victims.
TechnologyOne, Australia’s largest software company, claims more than 1,300 organizations, including government agencies, local councils, and universities, use its “deeply integrated” technology. The company’s flagship cloud-based ERP product manages corporate operations.
Following a series of high-profile cyberattacks that compromised millions of citizens’ personal data, TechnologyOne is the latest Australian tech company to report a breach.
Optus, an Australian telecoms company, disclosed in September that a cyberattack compromised current and former customer data, including driver’s license and passport numbers. By November, Australian health insurer Medibank confirmed hackers stole 9.7 million customers’ personal data and almost 500,000 health claims data.