[BreachExchange] Isentia ransomware attack expected to cost at least $7 million

Destry Winant destry at riskbasedsecurity.com
Tue Nov 3 10:27:36 EST 2020


https://www.itnews.com.au/news/isentia-ransomware-attack-expected-to-cost-at-least-7-million-555472

Mediaportal now operational, but some services still offline.

Media monitoring provider Isentia has put the immediate cost of a
“significant” ransomware attack on its flagship intelligence and
insights service last week at at least $7 million.

The incident, disclosed on Tuesday last week, disrupted the operation
of the company's SaaS platform, Mediaportal.

Mediaportal is Isentia’s all-in-one platform used by both public and
private sector communications professionals to stay across media
coverage and identify journalists.

Isentia entered a trading halt on Friday last week before providing an
update today.

The company said it had “cut off the unauthorised party’s entry point"
and that there had been “no evidence of further activity since the
incident occurred on Monday 26 October”.

“As servers are brought back online we are ensuring they are free of
any malicious software and have an additional level of monitoring
enabled,” it said.

“Our security experts are forensically examining our servers to ensure
we have correctly identified the entry point, and also to determine if
any data has been affected.”

Isentia said it would not confirm the point of entry used by the
attackers, nor share the indicators of compromise "at this time",
citing ongoing investigations.

The company said it was monitoring the potential for data to be leaked
by the attackers.

"Isentia is monitoring for any evidence that clients data has been
posted," it said.

"At this time, there is no evidence to suggest that this is the case,
however this remains under close review and we will contact you as
soon as possible if we confirm that any of your information has been
compromised."

It said the incident had been contained and systems secured with the
assistance of external cyber security specialists.

“Isentia has been able to progressively restore a number of services
in recent days and this is ongoing,” the company said in a financial
filing.

Mediaportal is "operational and accessible by customers, though some
"key services" such as automated email alerts were still unavailable.

Financial cost

Isentia described the incident as “significant as operations were
severely compromised”, with a hit of between $7 million and $8.5
million expected on its pre-tax earnings this financial year.

“Isentia advises that the immediate impact on the company’s net profit
before tax (NPBT) from the cyber security incident is expected to be a
significant decline in the range of $7m to $8.5m in FY2021,” it said.

Isentia managing director and CEO Ed Harrison said the "estimate of
$7m-8.5m reflects remediation costs and foregone revenues from
services affected by the outage".

He added that the company “responded rapidly to the cyber attack last
week putting in place measures to support our customers and contain
the impact on our systems”.

“We are pleased to report that we are making good progress in
resolving this issue, with key elements of our service being restored
each day and I would like to thank our customers for their patience
during this time,” Harrison said.

“While this has obviously been a challenging period for the company,
I’m incredibly proud of our team who have worked tirelessly to support
our customers and investigate the impact on our Mediaportal platform.”

Isentia said the incident occurred as the company was “in the process
of transitioning to a new debt facility with the Commonwealth Bank of
Australia”, the timetable for which has now been delayed as a result.


More information about the BreachExchange mailing list