Nexia Australia and New Zealand, a network of solutions-focused accountancy and consultancy firms, said in a statement on Monday that the incident had been dealt with jointly by its IT department and an external IT partner.
“From a business and client perspective, all the appropriate IT protocols were in place and the firewalls and anti-virus protection mechanisms were activated to immediately deal with this sort of business threat and protect all stakeholder files and privacy,” managing partner Paul Dal Bosco [below, right] said.
The company is part of the Nexia International Group that reported revenue of about US$4.3 billion (A$5.9 billion) in 2019.
The attackers claim to have stolen 76GB of data during the incident. Nexia has denied this on more than one occasion.
Nexia said in the statement that it has "a robust IT infrastructure with appropriate business policies and processes... in place to be able to swiftly deal with these types of threats. Over the past few years, the firm has made major improvements to the IT infrastructure enabling it to defend such attacks".
The company said the incident had been noticed on 3 November and was immediately acted upon. "The matter was swiftly dealt with by Nexia’s IT providers and the company advised that there was no evidence of any movement of data or files," it said.
"As part of the process, strict protocols were followed, passwords were immediately changed, latest security upgrades were applied to servers, and firewalls were geo-locked."
ICT manager Angelo LoCastro said: “Nexia’s best option against ransomware was to have the appropriate protection in place where our software and anti-virus prevents the malicious spontaneous encryption of data. Once the ransomware is intercepted, the systems in place enable a position where it reverts the files back to their safe states.”
Dal Bosco added: “This type of threat is certainly a business-critical danger, which can be triggered quite innocently in any organisation. What you need to ensure is that you have the capacity and appropriate protections in place to prevent something like this escalating and causing significant harm to your business.
"Confidentiality of our data is paramount. In our case, the Nexia Melbourne IT Department and external IT providers were able to swiftly and immediately deal with all the issues to ensure the protection of our business and maintain the security and confidentiality of our important client and business information.”