Software Firm, Iress, Reports Data Breach on Third-Party Platform

Iress Ltd, a financial software firm, confirmed that it had effectively intercepted and mitigated an unauthorized access incident on GitHub.

Iress Ltd, an Australian financial software firm, confirmed on Monday that it had effectively intercepted and mitigated an unauthorized access incident over the weekend on GitHub, a third-party platform used to manage its pre-production software code.

This security breach on Iress Ltd did not extend to client data, which the company clarified is not stored on GitHub, thus ensuring that sensitive information remained uncompromised.

Despite the quick containment of the breach, Iress’ (IRE.ASX) shares dipped slightly, down 0.7% to $8.57 per share in early trading. The company, which operates across Asia, Australia, and the United Kingdom, moved swiftly to limit access to the affected platform and initiate a thorough investigation into the incident.

Previously, the company’s shares closed at $8.67, with a trading range for the day between $8.41 and $8.63.

Throughout 2024, the shares fluctuated between $4.92 and $10.98. The Australian software developer’s market capitalization of 1.61 billion Australian dollar (AUD), with a volume of 643,400, remains unprofitable with a recent report showing a net income of 1.16 million AUD, down 89.52% year-over-year (YoY), with revenue seeing a modest increase of 0.99%, reaching 155.21 million AUD.

IRESS Ltd market closed at $8.63 per share, as of time of writing.

“We immediately restricted access to GitHub upon discovering the breach and began an intensive investigation,” said a spokesperson from Iress Ltd. They were further assured that there was no evidence of any compromise of their client or production software, and thus, no anticipated disruption to their operations or to their clients’ ability to utilize their software and systems.

The breach occurred on a platform that, according to GitHub’s Innovation Graph, is used by approximately 1.5 million developers in Australia, including around 83,000 companies. GitHub, widely recognized for its contributions to software development, including through tools like GitHub Copilot, has been adopted by major Australian financial institutions such as AustralianSuper, Commonwealth Bank, and ANZ Bank to boost software development efficiency and creativity. However, it is important to note that there is no suggestion from Financial Standard that these companies were affected by the breach or had their user spaces compromised.

In response to the incident, Iress Ltd has committed to enhancing its security measures to prevent future breaches. The firm’s proactive communication and transparency in handling the incident reflect its commitment to maintaining trust and integrity in its stakeholder relationships.

Inside Telecom provides you with an extensive list of content covering all aspects of the tech industry. Keep an eye on our Cybersecurity sections to stay informed and up-to-date with our daily articles.