Australia’s securities watchdog said that although the server was used to transfer credit license applications and other forms, it did not seem that the applications had been downloaded.
In a statement, the ASIC acknowledged “some risk that some limited information may have been viewed by the threat actor.”