Iress says its GitHub user space was breached

Iress has disclosed to shareholders that its private user space with software code repository GitHub was subjected to a cyber-attack over the weekend.

On Saturday, GitHub - a third-party platform that manages software code before it goes live on another platform - was subjected to a cyber-attack during which Iress' user space was accessed. However, Iress does not store any client information on GitHub.

Iress said it restricted access to GitHub "immediately upon discovery and commenced a rapid investigation."

"There is no evidence that client data has been compromised as a result of this issue," Iress said.

"There is also no evidence that Iress' production or client software has been compromised."

As a result, Iress said it does not expect any disruption to its business or clients' ability to use its software and systems.

The announcement was made in the interests of transparency and keeping all stakeholders informed, Iress added.

According to GitHub's Innovation Graph, about 1.5 million developers use the platform in Australia, with about 83,000 companies on its books.

Earlier this year, AustralianSuper announced it is using GitHub Copilot "to enhance the efficiency and creativity of its software development team by streamlining code creation and review." Meantime, Commonwealth Bank was also among the first in Australia to use GitHub Copilot, with ANZ Bank signing up shortly after.

Financial Standard is not suggesting AustralianSuper, Commonwealth Bank, or ANZ Bank are involved in the breach or had their user spaces compromised in any way.