Cyber Incident Victim: MyBudget
Date:
May 2020
Location:
Australia
Summary
A malware incident disrupted the financial management company MyBudget, causing a multi-day outage that rendered its client portal, mobile application, messaging system, and automated payment processing inaccessible. Clients were unable to view or manage funds, resulting in missed bill payments and financial uncertainty despite assurances that deposited funds remained secure. The organization advised customers to handle urgent payments via phone but experienced overwhelming call volumes and extended wait times, prompting public complaints. While initially vague on the cause, the company later confirmed a malware-related interruption after forensic investigations and committed to reimbursing late fees incurred by clients during the disruption alongside waiving service fees.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The MyBudget incident began on or around May 9, 2020, when the Adelaide-based financial management company experienced a widespread system outage affecting its client portal, mobile application, messaging platform, and automated payment processing systems. This disruption prevented customers from accessing their accounts or executing scheduled payments through MyBudget’s platform. The company communicated via email on May 10 that services would resume within 48 hours, but systems remained offline through at least May 14. MyBudget advised clients to request bill payment extensions where possible and offered manual payment processing via telephone for urgent transactions. The outage caused significant operational strain, with customers reporting prolonged call wait times and inability to reach support staff due to high demand. Public complaints emerged on social media platforms, including concerns about critical payments like rent not being processed before deadlines.
MyBudget founder Tammy Barton issued a video statement on May 12 confirming the company was working continuously to restore services and assuring clients their funds remained secure. She announced waived service fees and reimbursement for late penalties incurred due to the outage. While initial communications did not disclose the cause, the company confirmed on May 15 that a malware incident had disrupted automated systems, attributing delayed disclosure to ongoing forensic investigations. No data compromise or client fund losses were reported. The five-day outage prevented timely bill payments for customers relying on MyBudget’s debt consolidation and financial management services, requiring manual intervention for critical transactions. Restoration efforts prioritized system stability, with Barton emphasizing operations would only resume after thorough validation.