[BreachExchange] 'Malware' takes Aussie money-manager MyBudget down for five days

Mon May 18 10:26:54 EDT 2020

https://www.theregister.co.uk/2020/05/14/mybudget_outage/

UPDATE One of Australia's largest debt-management services has gone
TITSUP, leaving thousands of users in financial limbo.

Adelaide-based MyBudget has been down since Saturday, 9 May. The
company's client portal, app, messaging system, and its automatic
payment system have all become unavailable.

MyBudget provides debt consolidation and other services for its
clients, and helps them to manage money by making payments on their
behalf. The company says that while the systems are down, users will
not be able to access their funds and automatic payments will not be
able to be processed, leaving many with urgent bills in a lurch.

In an email to customers on Sunday, the company said it expected the
issue to be resolved within 48 hours, but as of Thursday afternoon,
the company's systems are still down. The company said that users can
still process urgent bills over the phone, but urged them to seek
extensions where possible.

The outage has led to a surge of customers calling the company to
organise their finances. Users have reported being unable to get
through because busy lines or very long wait times. Users took to
Twitter to complain: "I have been trying all day," said
@AllisonYancey. "Will my rent be paid on time this Friday or not?"

MyBudget at MyBudgetcomau
 · May 12, 2020
Replying to @AllisonYancey7

I am very sorry Allison, our phones are currently at capacity and we
are doing our best to work through them. At this stage all we can ask
is that you try calling again later. - Erica.

Allison Yancey at AllisonYancey7

I have been trying all day. Will my rent be paid on time this Friday
or not? If not I need to make arrangements. Will we have our spending
money for next week??

1
12:11 AM - May 13, 2020
Twitter Ads info and privacy

See Allison Yancey's other Tweets

In a video update emailed to customers on Tuesday, the company's
founder, Tammy Barton, assured users that their money "is absolutely
safe and secure". "I want to let you know that we've been working
around the clock, literally, to get everything fixed, tested and back
online as soon as possible," she said.

Barton also said that the company would waive customer fees and
reimburse any late fees incurred from the outage.

The company hasn't yet said what caused the outage and did not respond
to our request for an explanation. But El Reg smells a ransomware
attack on the basis that apps are unavailable and the company seems to
think it can restore its operations.

In a video update yesterday, Barton says that the issue is "close to
being resolved". "We are committed to not going back online until we
can do so with absolute confidence in the system," she said.

But at the time of writing, there's no sign her confidence was justified. ®

UPDATE: 14:15 AEST 15/5/2020 MyBudget has issued a new update [PDF]
that says: "As a result of investigations undertaken so far, we can
confirm that a malware incident occurred which has interrupted a
number of our automated systems."

"We can assure you that clients’ money remains secure and has not been
impacted. We apologise for the delay in communicating the cause of the
outage. We hope you appreciate that we needed some time to perform due
diligence and forensic investigations, which is typical for these
types of incidents."