Australian Wealth Management Incident, 28 June 2023

Wealth and asset management firm Perpetual Limited says some personal info compromised in attack on supplier

First names, surnames and addresses and bank account details maybe compromised

Company Statement: Third-Party IT Security Incident – Important Notification Tuesday June 27, 2023
Source: Perpetual says some personal info compromised in attack on supplier | iTnews

View more incidents from Banking and Finance sector.

ASX-listed wealth and asset management firm Perpetual Limited said a security incident at a third-party is behind an “extended outage” to some systems, notably its customer-facing myPerpetual platform.

Perpetual Limited has revised its guidance on a security incident at a third-party provider, now saying that “a limited amount of personal information has been compromised.”

“Perpetual experienced an extended outage as a result of an IT security incident. This occurred in a unit registry system provided by a third party which affected some of Perpetual’s funds. For the safety and security of our clients and systems, we disconnected from the third-party’s system when we became aware of the incident, and are currently working with the registry provider to rebuild the system as quickly as possible in a new, secure environment.”

“Our investigation has found two separate and unrelated files which may have been compromised: a file containing first names, surnames and addresses and a second separate file containing bank account details which are unlinked to names and addresses, meaning that it is difficult to match these bank account details with names and addresses that appear in the first file.”