AUS
NZ
UK
CA
USA
IND
_06_04_2026_00_29_48_108019.jpg)
Australia's Iress Ltd (ASX: IRE) revealed on Wednesday that a stolen credential from its third-party user space was utilised to illicitly access client data within the production environment of the financial services software platform, OneVue, over the preceding weekend.
In an exchange filing, the financial software firm stated, "It has now been discovered that a credential within Iress' GitHub user space was stolen and used to gain access to Iress' OneVue production environment." The firm further added, "The OneVue production environment contains client data and we are investigating the extent and nature of the data accessed."
It was clarified that OneVue's production environment is compartmentalised to the platform's distinct businesses - MFA, Platform, and OneVue Super.
Praemium, which recently acquired OneVue Platform Business (IOPB), emphasised that the breach solely impacted the OneVue business and assured that no Praemium technology or client data had been compromised. Praemium stated, "At this time, Praemium has no indication from Iress that OneVue client data has been compromised."
Earlier in the week, Iress disclosed the data breach within the user space on GitHub, identified over the weekend, and emphasised that it does not store any client information on the platform.
Concurrently, investigations across Iress's other business segments are ongoing, with no additional instances of data breach identified as of yet.
