Listed intellectual property services firm IPH has confirmed that it has been subject to a cyber attack.
On Tuesday, the company asked the Australian Securities Exchange for a trading halt while it investigated a possible breach.
In an ASX statement released this morning [pdf], the company said on March 13 it detected “unauthorised access to a portion of its IT environment.”
“Based on preliminary analysis, it appears the incident is primarily limited to the document management systems of the IPH head office, and two IPH member firms,” it said.
The statement identified the member firms as Spruson & Ferguson, and Griffith Hack, and said their practice management systems were also breached.
Information that may have been breached includes business admin documents, client documents and correspondence, and IP case management information.
“The investigation underway is focused on determining whether the information stored in these systems has been accessed by the unauthorised third party,” the statement said.
IPH said it is working with external cyber security and forensic advisors, and has notified the Australian Cyber Security Centre of the incident.
The statement added that a business continuity plan has been activated, and that the affected organisations are able to conduct operations with some disruption.
