Outsourcing provider OracleCMS says it has been affected by a cyber-security incident during which a third party gained access to a part of its data, adding that some files have been published online.
"Upon discovery, OracleCMS engaged external cyber-security experts to help us secure our systems and investigate the incident," the company said.
"Available evidence suggests that the impacted data is limited to corporate information, contract details, invoices, and triage process workflows.
"Any personal information, if present, is anticipated to be basic contact information as appears in contracts and invoices. We are advised that this data presents a low risk of misuse."
{loadposition sam08}The statement said the company had contacted client organisations which had been identified as potentially impacted and would be working with them to notify those who required guidance and support to mitigate the risk of data misuse.
OracleCMS has call centres in Melbourne, Adelaide, Perth, Brisbane and Sydney.
"We understand this news may cause concern, and we are deeply sorry that this has happened. We are committed to keeping our stakeholders updated as we work to respond to this incident," the company said.
The OracleCMS incident can be traced to the ransomware group Lockbit 3.0.
The group had given the company a deadline of 16 April to get in touch and negotiate. From the company's statement, it looks like that did not work out.
Contacted for comment, Brett Callow, a ransomware threat researcher with Emsisoft, said: "Ransomware seems to be an intractable problem for governments and, despite a myriad initiatives, volumes and costs seem to be as bad as ever, and possibly worse.
"What governments have been doing is not working, and new strategies are desperately needed."