Case Study: ASX 500 Client Cyber Incident Response

The issue

An Australian Securities Exchange (ASX) listed company ranked in the top 500 experienced a data breach on a legacy website acquired through a smaller company purchase. A threat actor exploited vulnerable code to access the web server, extract data and install malware.

The compromised server was also used for phishing campaigns and hosting illicit advertisements. The breach triggered regulatory notification obligations to the Office of the Australian Information Commissioner (OAIC), Australian Signals Directorate (ASD), and affected individuals, as well as ASX disclosure requirements.

How we assisted

Clayton Utz led the response and investigation, conducting digital forensics to determine the attack's scope and method, analysing malicious code and supporting containment efforts. The team guided the secure migration of the website infrastructure and worked closely with the Chief Financial Officer to ensure clear communication and board alignment.

The team liaised with the ASD, assisted with the OAIC and ASX notifications, and validated the IT team's security improvements.

Clayton Utz's multidisciplinary team of legal, technical and cyber specialists operates as a fully integrated unit. This integration allows all response activities to be conducted in-house, delivering a faster, more seamless and efficient response.

_Disclaimer

_{Clayton Utz communications are intended to provide commentary and general information. They should not be relied upon as legal advice. Formal legal advice should be sought in particular transactions or on matters of interest arising from this communication. Persons listed may not be admitted in all States and Territories.}