Third-party experts confirm no further illegal activity detected in TechnologyOne systems

Third-party cyber security experts employed by TechnologyOne (ASX: TNE) following a data breach of the company’s Microsoft 365 system have today confirmed there has been no further illegal activity detected in the tech company’s back end.

In an update to shareholders, TechnologyOne says its Microsoft 365 system is secure and has reaffirmed that its internal back-office system was isolated to contain the incident.

Further, the company’s tech has been successfully restored and is now fully operational.

TechnologyOne placed its shares into a trading halt on Wednesday ahead of announcing the news of the cyber attack which saw criminals illegally access its internal Microsoft 365 system.

“TechnologyOne acted immediately to investigate the issue and to initiate its cyber response strategy, which included the appointment of leading security and forensic experts, among other specialists, to work through containment measures,” the company said in today’s update.

“Our focus remains on the investigation into the incident to determine what data may have been accessed via our internal Microsoft 365 back-office system, and then as is necessary, to engage with impacted individuals on appropriate actions.

“TechnologyOne maintains administrative information on its back-office system. The information held by TechnologyOne on its back-office system is separate to customer’s information and data on TechnologyOne’s SaaS platform, which is safe and secure.”

The firm adds that as the investigation progresses it will keep stakeholders updated.

TechnologyOne is the latest in a string of high-profile cyber breaches suffered by major Australian companies that led to millions of customers having their personal data stolen by criminals.

This includes private health insurer Medibank (ASX: MPL) which saw the personal health information of nearly 10 million customers stolen following a data hack. A number of class action lawsuits have commenced against MPL in the months since the November 2022 cyber breach including Slater and Gordon’s (ASX: SGH) recently filed claim in the Federal Court.

Other recent victims of cybercrime include law firm HWL Ebsworth which is investigating a potential data breach from a notorious hacking group that claims it stole 4 terabytes of data from the firm’s internal company files and personal finance firm Latitude which had nearly 8 million drivers licence numbers stolen in a hack on its back end.