Iress hack investigation finds 20 OneVue files breached

An internal investigation into the recent breach of Iress' GitHub user space found no evidence any of its client data was compromised, however 20 OneVue employees and clients weren't so lucky.

On May 11, Iress' private user space on third-party platform GitHub, which managed software code before it goes live elsewhere, was accessed.

In an update today, Iress said it's concluded its investigation into the incident, which occurred on May 13, and did not find any evidence that the Iress production environment, software or client data held on GitHub was accessed.

However, it was confirmed shortly after the breach that a limited portion of the OneVue platform's production environment was accessed. Following investigation, Iress has now confirmed a limited amount of personal information relating to 20 OneVue employees and clients was accessed.

This is because the part of the OneVue production environment that was accessed housed "information of a technical nature such as metadata, blank questionnaires and test files." The personal data was within those test files.

"Each of these individuals has been contacted directly about the incident and provided with appropriate guidance and support," Iress said.

Source code held in the Iress GitHub user space was also accessed and Iress said it is aware those responsible for the breach have threatened to publish the code.

"Iress confirms that it does not rely on the secrecy of its code as a security measure and has continued to take steps to reinforce security controls to protect its software and systems," it said.

Previously, Iress said that other statements made by the party responsible "do not align with the investigations made by Iress."

The company has also engaged specialist cyber incident and forensic technology providers to assist in responding to the incident.

"Iress has maintained regular service to clients throughout this incident and thanks its clients for their patience and support as we have worked to resolve this matter," Iress said.

"Iress will keep the market informed if there are any further significant developments."

At the time of the breach, about 1.5 million developers used the platform in Australia, with about 83,000 companies on its books.