ASIC Takes IOOF To Court
SYDNEY: The Australian Securities and Investment Commission (ASIC) has launched a court action against a subsidiary of IOOF for failing to provide adequate cyber security systems.
The case, now in the Federal Court, follows a number of alleged cyber breaches including a cyber-attack at Frontier Financial Group.
ASIC alleges that Frontier was subject to a “brute force” attack whereby a malicious user successfully gained remote access to Frontier’s server and spent more than 155 hours logged into the system, which contained sensitive client information, including identification documents.
ASIC is seeking declarations that the subsidiary contravened the Corporations Act, that it pay a civil penalty, and compliance orders that its systems can adequately stand up to cyber-attacks.
IOOF says its subsidiary has been upgrading its systems following the alleged breaches.
“The allegations by ASIC are very general but appear to relate to a small number of cyber-attacks of a nature not uncommonly faced by Australian businesses, on a small number of authorised representatives of RI Advice,” says IOOF.