TechnologyOne Trade Resumes After Data Breach

TechnologyOne, an Australian enterprise software company, disclosed in a stock exchange filing on Wednesday that "an unauthorized third-party acted illegally to access its internal Microsoft 365 back-office system." The company initiated a trading halt that lasted two days in response to the incident and has since resumed trading.

TechnologyOne said the company's customer-facing platform is not connected to the affected Microsoft 365 system and "therefore has not been impacted," but when reached, the company would not say if any customer or employee data had been accessed as a result of the wider incident.

Brendan Altadonna, representing TechnologyOne through a third-party public relations agency, chose not to address additional inquiries from TechCrunch. Altadonna stated that the company would be able to share further information once the ongoing investigation has advanced.

After discovering the breach, the software maker promptly initiated a trading halt and confirmed that it had isolated the affected systems. This pause in trading allowed TechnologyOne to gather more information about the incident and provide updates to the market and investors regarding the situation. As reported by Reuters, the company further mentioned that it would reach out to any who may have been impacted once the investigation is concluded.

The trading halt has since expired since May 12th, with the company issuing a further announcement reaffirming that its customer-facing platform was not affected. They also stated that its internal back-office system is now restored and fully operational. Third-party cybersecurity experts working with TechnologyOne confirmed that its systems are secure and no further illegal activity is present. However, TechnologyOne still hasn’t completed its investigation into what data was accessed in the breach.

The cyber attack is part of a broader pattern of high-profile breaches faced by major Australian companies, including Optus, Woolworths Ltd, Telstra, and TPG Telecom. These incidents have underscored the need for strengthened cybersecurity measures and have prompted the Australian Government to establish a task force to address and reform cybersecurity laws.