The company said in a note on its website that a third-party provider of unit registry and administration service had been breached.
On its website, Perpetual lists Tech Mahindra as its registry provider. The Indian firm has suffered a ransomware attack that came to light in March 2021, when its Smart City Project in Pune crippled 25 of its servers.
Perpetual has about $210 billion in funds under management. The company said it had previously reported an extended outage as a result of the incident.
|
|
Perpetual said core systems had been restored and the processing of client transactions and payment of withdrawals has re-commenced. However, access to myPerpetual was still affected.
Perpetual added that its listed products, institutional mandates, Pendal, Perpetual Corporate Trust, Perpetual Wrap clients or any of its international asset management businesses had not been hit by the incident.
"Importantly, there is no impact to any Perpetual client investments, or our own systems, which remain safe and secure," the note added.
"Our current assessment has identified that sensitive client data remains secure and encrypted.
"Unfortunately, a limited amount of personal information has been compromised. Given the ongoing and increasing threat of cyber-security events, we are proactively informing all of our clients."
Two other financial services firms have been hit by ransomware in the recent past: FIIG and Latitude.
Contacted for comment, Emsisoft ransomware threat researcher Brett Callow said: "Current counter-ransomware strategies appear to not be working too well.
"The number of ransomware incidents certainly doesn’t appear to be decreasing, and early estimates indicate that this year may be worse than last in terms of both the volume of attacks and the dollars paid in ransoms."
