Australian Finance Broker Privacy Breach, 12 June 2023

Australian brokerage firm FIIG Securities isolates client-facing systems after attack

“Identification details and documents” purportedly accessed.

Company Statement: FIIG Securities Response to Cyber Incident
Source: FIIG Securities isolates client-facing systems after attack | iTnews

View more incidents from Banking and Finance sector.

This attack has been attributed to the cybercriminal group AlphV, which is also known as BlackCat, view the AlphV Australian Ransomware Attacks.

FIIG Securities, an Australian brokerage that has $5 billion “under advice” and 6000 private clients, said that its IT systems had been accessed by “an unauthorised third party”.

Following initial investigations, FIIG understands that personal information, including
the identification details and documents provided to open and maintain client accounts
with FIIG have been accessed. This may include personal information such as:

• Name
• Address
• Date of Birth
• Telephone number
• Email address
• Driver’s licence details
• Passport details
• Bank account details (account name, BSB and account number)
• Tax file numbers.

In a statement, the company said it had “acted with urgency to investigate the issue, including the initiation of our cyber response strategy working with third-party cyber security experts and isolating affected systems.”

“We are working in partnership with the relevant authorities to ensure we are complying with all necessary requirements and to proactively protect the security and privacy of all data we hold,” the company said.

“This is of the utmost priority, and we take this very seriously.”

FIIG added that it is attempting to notify all stakeholders of the incident “as quickly as possible”.

Sample of FIIG Customer Letter sent to customers