TechnologyOne in trading halt after cyber breach

Enterprise software company TechnologyOne (ASX: TNE) has placed its shares in a trading halt after announcing its internal Microsoft 365 back-office system was accessed illegally by cybercriminals.

The Brisbane-based company says an unauthorised third party acted illegally to access its systems, but notes its customer-facing SaaS Software-as-a-Service) platform is not connected to the Microsoft 365 system and therefore has not been impacted.

“The company has acted with urgency to investigate the issue, including initiation of its cyber response strategy, appointing third party experts, and isolating affected systems,” TechnologyOne says.

“The company has reported this incident to relevant authorities and continues to not only comply but go beyond its regulatory obligations. Once the investigation is further progressed, we will be in a position to contact those who may be affected to work with them on the ongoing safety of their data.

“We apologise to impacted individuals for any concern this incident may cause.”

In order to investigate the cyber incident, TNE requested the immediate implementation of a trading halt which it expects will continue until the release of a further announcement by the company and the commencement of normal trading on Friday 12 May.

TechnologyOne is the latest in a string of high-profile cyber breaches suffered by major Australian companies that led to millions of customers having their personal data stolen by criminals.

This includes private health insurer Medibank (ASX: MPL) which saw the personal health information of nearly 10 million customers stolen following a data hack. A number of class action lawsuits have commenced against MPL in the months since the November 2022 cyber breach including Slater and Gordon’s (ASX: SGH) recently filed claim in the Federal Court.

Other recent victims of cybercrime include law firm HWL Ebsworth which is investigating a potential data breach from a notorious hacking group that claims it stole 4 terabytes of data from the firm’s internal company files and personal finance firm Latitude which had nearly 8 million drivers licence numbers stolen in a hack on its back end.