Media Comms Giant Says Ransomware Hit Will Cost Millions

isentia ransomware cost

Aussie firm Isentia said “remediation and foregone revenue” could total $8.5 million AUS or more.

Media communications giant Isentia is reporting that its coffers will be emptied of as much as $6 million ($8.5 million AUS) in the wake of a ransomware attack last week.

The company is a media-intelligence and data-analytics firm headquartered in Australia, with a presence throughout Southeast Asia. It’s known for its Mediaportal platform, which aggregates news about customers’ brands and is used by public relations and marketing teams globally. According to its website, customers include a variety of major clients, including the Australian government, Singtel, Samsung and the Walt Disney Corp.

Isentia said that remediation costs and lost business stemming from its systems being locked up by the attack will create a big hit to its bottom line for fiscal year 2021, with an estimate that this will total $7 million to $8.5 million AUS.

CEO Ed Harrison however said that “it is difficult to fully assess the impact on our FY21 pre-tax earnings” given that the estimate is based on an ongoing assessment of the incident – so the amount could be revised upward.

In a statement issued on Tuesday (obtained by Bitdefender), the firm also said that the attack happened as the company was transitioning to a new debt facility with the Commonwealth Bank of Australia (CBA), meaning that the timeline for the drawdown of the CBA facility has been elongated – potentially also affecting its earnings results.

The ransomware attack happened on Oct. 27, after which the Mediaportal was downed, both for customers and staff. Workers resorted to preparing media reports manually, according to reports. The company and the Australian Cybersecurity Centre both quickly confirmed the attack.

“The impact of Isentia, a media-monitoring firm, being hit by a cyberattack demonstrates the interconnected world of national cyber-defense,” said Steve Forbes, government cybersecurity expert at Nominet, via email. “While a media-monitoring firm wouldn’t typically be considered part of critical infrastructure, its work with many government departments and large organizations – such as the Australian Stock Exchange – [was] put on hold due to the cyberattack.”

In Tuesday’s notice, it said that Mediaportal has been restored, while other IT systems are still inaccessible. “Key elements of our services” are being restored each day, according to Harrison, and the company is “making good progress.

There’s no word on which ransomware was behind the attack, or what the initial infection vector was.

“This incident also reminds us of the importance of vetting third parties in terms of their cyber resilience,” Forbes said. “While the full details of this particular security breach are yet to emerge, best practice advice is to ensure third parties have at least similar practices and procedures as your own to keep sensitive data safe.”

The news comes as ransomware attacks continue to crest, particularly in attacks against hospitals, and helped along by tools like an exploit for the Zerologon bug.

In a warning last week, the Cybersecurity and Infrastructure Security Agency (CISA) said it was tracking mass ransomware activity, as well as the use of the malware Trickbot against healthcare facilities.

Hackers Put Bullseye on Healthcare: On Nov. 18 at 2 p.m. EDT find out why hospitals are getting hammered by ransomware attacks in 2020. Save your spot for this FREE webinar on healthcare cybersecurity priorities and hear from leading security voices on how data security, ransomware and patching need to be a priority for every sector, and why. Join us Wed., Nov. 18, 2-3 p.m. EDT for this LIVE, limited-engagement webinar.

Suggested articles