Media monitoring provider Isentia has put the immediate cost of a “significant” ransomware attack on its flagship intelligence and insights service last week at at least $7 million.
The incident, disclosed on Tuesday last week, disrupted the operation of the company's SaaS platform, Mediaportal.
Mediaportal is Isentia’s all-in-one platform used by both public and private sector communications professionals to stay across media coverage and identify journalists.
Isentia entered a trading halt on Friday last week before providing an update today.
The company said it had “cut off the unauthorised party’s entry point" and that there had been “no evidence of further activity since the incident occurred on Monday 26 October”.
“As servers are brought back online we are ensuring they are free of any malicious software and have an additional level of monitoring enabled,” it said.
“Our security experts are forensically examining our servers to ensure we have correctly identified the entry point, and also to determine if any data has been affected.”
Isentia said it would not confirm the point of entry used by the attackers, nor share the indicators of compromise "at this time", citing ongoing investigations.
The company said it was monitoring the potential for data to be leaked by the attackers.
"Isentia is monitoring for any evidence that clients data has been posted," it said.
"At this time, there is no evidence to suggest that this is the case, however this remains under close review and we will contact you as soon as possible if we confirm that any of your information has been compromised."
It said the incident had been contained and systems secured with the assistance of external cyber security specialists.
“Isentia has been able to progressively restore a number of services in recent days and this is ongoing,” the company said in a financial filing.
Mediaportal is "operational and accessible by customers, though some "key services" such as automated email alerts were still unavailable.
Financial cost
Isentia described the incident as “significant as operations were severely compromised”, with a hit of between $7 million and $8.5 million expected on its pre-tax earnings this financial year.
“Isentia advises that the immediate impact on the company’s net profit before tax (NPBT) from the cyber security incident is expected to be a significant decline in the range of $7m to $8.5m in FY2021,” it said.
Isentia managing director and CEO Ed Harrison said the "estimate of $7m-8.5m reflects remediation costs and foregone revenues from services affected by the outage".
He added that the company “responded rapidly to the cyber attack last week putting in place measures to support our customers and contain the impact on our systems”.
“We are pleased to report that we are making good progress in resolving this issue, with key elements of our service being restored each day and I would like to thank our customers for their patience during this time,” Harrison said.
“While this has obviously been a challenging period for the company, I’m incredibly proud of our team who have worked tirelessly to support our customers and investigate the impact on our Mediaportal platform.”
Isentia said the incident occurred as the company was “in the process of transitioning to a new debt facility with the Commonwealth Bank of Australia”, the timetable for which has now been delayed as a result.
