CIPC to require company verification after cyber scare

The Companies and Intellectual Property Commission (CIPC) today met with professional accounting bodies and other stakeholders to reassure them about the safety of company data.

The meeting follows the recent breach of the CIPC systems by hackers. This incident demonstrates why strong cybersecurity is essential, not just a choice.

As we do more online, from business to storing personal information, the risk of cyber-attacks grows. Good cybersecurity practices are crucial for avoiding financial losses, keeping operations running smoothly, and protecting private data. By implementing strong security measures, both individuals and organizations can stay safe from the vast array of digital threats, ensuring their online activities remain secure and uninterrupted.

Cyber breach at CIPC

The Companies and Intellectual Property Commission (CIPC) demonstrated resilience in the wake of a cybersecurity breach, ensuring that business operations continue with minimal disruption. On 6 March 2024, a Companies Liaison Committee was convened to address the recent incident, where hacker(s) attempted to compromise the commission's database.

Commissioner Rory Voller reassured all stakeholders that CIPC is deeply committed to cybersecurity, investing significantly to protect its digital infrastructure. The breach, which occurred a week prior, involved unauthorised access to one of the systems used by CIPC, which is separate from its core databases.

Upon investigation, it was confirmed that the breach was contained within the QRS system and did not extend to any core business systems. There were no instances of data loss identified contrary to the claims in the media. This swift identification and containment underscore the commission's robust security protocols and the isolated nature of the incident.

Actions going forward

The breach necessitates the rebuilding of the Query Resolution System, and additional security measures are being implemented to fortify the commission's digital ecosystem. These enhancements, while crucial for long-term security, may temporarily affect response times, leading to potential delays or backlogs in processing.

Customer verifications

To further secure user accounts all customers will have to go through a mandatory one-time validation of customer codes (passwords). As this links to Home Affairs, customers are advised to log in during early morning hours or late afternoon to avoid long waiting times.

Enroll for CIBA’s Cybersecurity Certificate Program

Through this engaging certificate program, you will learn:

• Common cybersecurity risks and how to minimize those risks;

• Good cyber hygiene at the organizational and personal level;

• Available cybersecurity related services;

• Business events that trigger cybersecurity considerations;

• Proactive responses in the event of a cyberattack;

• Considerations for assessing the effectiveness of a cybersecurity risk management program;

• Cybersecurity best practices in today’s business environment.

• Empower yourself to implement a sound cybersecurity risk management program that will help your organization avoid cyberattacks and recover quickly when they do occur.