Cyber Incident Victim: Isentia
Date:
Oct 2020
Location:
Australia
Summary
A media monitoring firm experienced a major security incident suspected to be ransomware, disrupting its SaaS platform and affecting government and private sector clients. The company initiated containment measures, launched an investigation with external cybersecurity specialists, and notified national authorities while working to restore services. The incident highlighted supply chain risks, as third-party disruptions halted critical operations for multiple organizations despite the vendor not being classified as essential infrastructure.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On October 28, 2020, media monitoring firm Isentia disclosed a major security incident disrupting operations in its SaaS Mediaportal platform through a regulatory filing with the Australian Securities Exchange. The Sydney-based company, operating across eight markets, confirmed the disruption affected online services but did not explicitly name ransomware as the cause, though external reports indicated it was suspected. CEO Ed Harrison stated the organization was taking urgent containment measures while launching a full investigation into the incident's origins and methods to prevent recurrence. Isentia prioritized service restoration but established interim customer support processes during the outage, acknowledging the impact on clients spanning federal government agencies and private sector organizations. The company engaged leading external cybersecurity specialists to assess the breach's scope and impact on critical systems, suggesting ongoing containment challenges at the time of disclosure.
The incident halted services for numerous government department clients, highlighting supply chain vulnerabilities in national cyber-defense ecosystems according to cybersecurity expert Steve Forbes of Nominet. Isentia formally notified the Australian Cyber Security Center (ACSC) about the breach while continuing forensic analysis with third-party specialists. Operational disruptions persisted across the Mediaportal platform, though the company did not disclose specific technical details about attacker entry points, data compromise, or encryption mechanisms. Forbes emphasized the event underscored third-party risk management necessities, particularly for vendors handling sensitive government data, though no evidence emerged regarding specific security failures in Isentia's infrastructure. The company maintained public updates solely through its ASX filings without releasing additional technical particulars about remediation timelines or system recovery stages beyond initial containment efforts.