Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home News

FIIG Faces Legal Action Over Data Breach

March 13, 2025
Reading Time: 3 mins read
in News

FIIG Securities, a major Australian financial services provider, is currently facing legal action from the Australian Securities and Investments Commission (ASIC) for failing to implement adequate cybersecurity measures. ASIC’s lawsuit, filed in the Federal Court of Australia, focuses on systemic and prolonged failures in FIIG’s cybersecurity framework that stretched over four years, from March 2019 to June 2023. During this period, the company allegedly neglected to put in place sufficient protections, which led to a significant data breach. The breach, which occurred in May 2023, saw a hacker gain access to FIIG’s network and steal approximately 385GB of highly sensitive client data. The breach was not discovered until June 2023, when the Australian Cyber Security Centre (ACSC) contacted FIIG with the alarming news.

The stolen data involved critical personal information, including names, addresses, birth dates, driver’s licenses, passports, bank account details, and tax file numbers. This breach affected around 18,000 of FIIG’s clients, who were exposed to significant privacy risks. However, it was only after being informed by the ACSC that FIIG began to investigate the breach, even though the warning came on June 2, 2023. Despite the notification, FIIG waited six more days before launching an internal investigation. ASIC has criticized this delay and has pointed out that the company failed to take adequate steps to mitigate the risks associated with such a breach, showing a lack of readiness in their cybersecurity defenses.

In the course of its investigation, ASIC found several alarming gaps in FIIG’s cybersecurity strategy. The company allegedly failed to implement key security measures, such as up-to-date firewalls, regular patching of software and operating systems, and mandatory cybersecurity training for employees. Furthermore, the company did not allocate sufficient resources—financial, technological, or human—to cybersecurity risk management. ASIC’s Chair, Joe Longo, stressed that cybersecurity is a matter that requires constant attention and improvement, and that neglecting it could result in severe consequences. This case is not the first of its kind, as ASIC has previously taken action against another financial service provider, RI Advice, for similar failures in managing cybersecurity risks.

The breach has prompted wider discussions on the importance of cybersecurity within the financial sector. As an Australian Financial Services (AFS) licensee, FIIG is legally required under the Corporations Act 2001 to maintain adequate risk management systems. This failure to comply with regulations has significant legal and regulatory implications, as ASIC is now seeking civil penalties, declarations of contravention, and compliance orders against the company. Financial services providers, especially those handling sensitive personal and financial data, are now under increasing scrutiny by regulators to ensure they are protecting their clients’ information effectively. The breach has raised alarms about how financial institutions manage their cybersecurity infrastructure and how they respond to threats.

Cybersecurity experts have pointed out that the broader issue goes beyond the breach itself and focuses on FIIG’s failure to implement reasonable measures to mitigate cybersecurity risks. Some of the critical cybersecurity practices that were allegedly neglected include developing an incident response plan, implementing multi-factor authentication, performing vulnerability scanning, and maintaining effective privileged access management controls.

In particular, experts emphasized the importance of training employees to recognize potential threats and ensuring that security measures such as firewalls and monitoring systems are continuously updated and improved. The breach also highlights the rising importance of a strong cybersecurity framework for financial institutions, with ASIC’s emphasis on enforcing regulatory compliance within the industry. The case serves as a cautionary tale, urging all companies—especially those in the financial sector—to reassess their cybersecurity posture to prevent similar breaches and avoid the legal and financial consequences of non-compliance.

 

Reference:

  • ASIC sues FIIG Securities for systemic and prolonged cybersecurity failures
Tags: AustraliaCyber NewsCyber News 2025Cyber threatsFIIG SecuritiesMarch 2025
ADVERTISEMENT

Related Posts

UK Government Shifts to Passkey Security

Google Deploys AI to Combat Scams on Chrome

May 9, 2025
UK Government Shifts to Passkey Security

The Nmap Project released Nmap 7.96

May 9, 2025
UK Government Shifts to Passkey Security

UK Government Shifts to Passkey Security

May 9, 2025
Kirsten Davies Nominated as Pentagon CIO

Kirsten Davies Nominated as Pentagon CIO

May 8, 2025
China’s Cyber Power Raises UK Concerns

China’s Cyber Power Raises UK Concerns

May 8, 2025
Europol Takes Down Global DDoS Services

Europol Takes Down Global DDoS Services

May 8, 2025

Latest Alerts

X Scam Targets Crypto Users with Fake Ads

FBI Warns Cybercriminals Exploit Routers

FreeDrain Phishing Steals Crypto Funds

CoGUI Targets Consumer and Finance Brands

COLDRIVER Hackers Target Sensitive Data

Cisco Fixes Flaw in IOS Wireless Controller

Subscribe to our newsletter

    Latest Incidents

    LockBit Ransomware Data Leaked After Hack

    Spanish Consumer Group Faces Cyberattack

    Education Giant Pearson Hit by Data Breach

    Masimo Cyberattack Disrupts Manufacturing

    Cyberattack Targets Tepotzotlán Facebook

    West Lothian Schools Hit by Ransomware

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial