(Reuters) – Australia’s IPH Ltd said on Monday a forensic probe into the data breach last month revealed that a limited set of data, which originated from member firm Spruson & Ferguson (Australia), was downloaded by an unauthorised third-party.
The intellectual property services provider detected an unauthorised access to its document management system, which included administrative and some client documents as well as correspondence at its head office and two member firms.
The investigation further suggested there was no evidence that data stored in any other component of its IT network was accessed by any unauthorised third-party during the course of the incident, the company said.
“Based on this analysis, IPH has determined to notify a small number of individuals whose personal information was in the dataset.”
The Sydney-based firm estimated A$2 million ($1.34 million) to A$2.5 million (pre-tax) to be incurred as non-underlying costs in its full-year 2023 accounts related to the incident.
IPH joins a long list of Australian firms reporting cybersecurity breaches over the past few months, which experts have attributed to an understaffed cybersecurity industry in the country.
($1 = 1.4923 Australian dollars)
(Reporting by Jaskiran Singh in Bengaluru; editing by Uttaresh Venkateshwaran)