Australian infrastructure company Ventia took systems offline following a cyber attack

Ventia, an essential infrastructure services provider in Australia and New Zealand, said it suffered a significant cyber attack that disrupted daily operations and forced it to take some of its systems offline.

Ventia is one of the largest essential infrastructure services providers in Australia and New Zealand. It provides facility management, asset management, telecommunications, engineering, environmental management, and more to government agencies, utilities, property owners, and private companies.

In a data security incident notification posted on its website, Ventia said it identified a cyber security incident affecting some of its key systems that had to be taken down. The company is working with external cyber security experts to understand the nature and scope of the cyber attack and is “actively working with regulators and law enforcement” to resolve the situation.

“As we work to restore our networks, we will prioritise the security and safety of our people, our customers, and our stakeholders. Ventia will provide further details to our nominated customer representatives, regulators, and other stakeholders as they become available,” the company said.

Ventia said in another notification that while its daily operations continue, it is keeping a close eye on all its internal systems.

“We will not hesitate to take further protective action if required as operations return to normal in the days ahead. We will provide further updates to our nominated customer representatives, regulators and other stakeholders as our response to the incident progresses,” it added.

The company is yet to share details on how the threat actors infiltrated its network, the nature of the cyber attack, or whether any data was stolen from its network.

Australian companies have been a constant target of threat actors. Last year, Australian telecommunications company Optus suffered a massive data breach that compromised the sensitive personal information of almost nine million customers.

Around the same time, Australian private health insurance provider Medibank Private suffered a cyber attack that forced it to take certain systems offline to protect customers’ information. Though the company managed to isolate its systems after discovering the attack, the attackers had by then successfully exfiltrated the data of around 5.1 million Medibank customers, 2.8 million ahm customers, and 1.8 million international customers.