Melbourne IT: we didn't lose one customer over AAPT hack

Melbourne IT might have been an "unintended victim" of Anonymous' decision to hack AAPT servers hosted by Melbourne IT, but its customers are staying with it, according to the firm's managing director.

Melbourne IT has not lost one customer over the incident last month, when Anonymous hacked an AAPT server , which was under Melbourne IT's care, and stole customer data.

The servers involved, which had been running a version of Cold Fusion that had a vulnerability, were nine to ten years old, Melbourne IT managing director Theo Hnarakis said. He added that, out of the 4000 servers that Melbourne IT had charge of, only three were impacted.

"It really could have happened to anyone operating a ten year old server with Cold Fusion," he said.

It was like having your house robbed, he said. You think you've locked the front door, and then someone gets in by breaking a window.

"These sorts of things happen," he said.

His comments echo those of the Australian Federal Police (AFP) from earlier this month. The AFP said that companies shouldn't get tied up in their guilt of being breached, and should instead come to the AFP with what had happened, as it was happening to many companies.

Since the breach, Hnarakis said that Melbourne IT had been working with customers that it thought might be vulnerable to attacks in the future. It's customers often ran old technology in order to keep the costs low, he said, which could then lead to security vulnerabilities that were not patched.

Melbourne IT had brought in security experts to forensically review its infrastructure, and had plans for how to shore up its security, he said.

Hnarakis' comments came as the company announced what he called a "mixed bag" of results for the first half to 30 June 2012, with some divisions holding up the others. The company achieved revenues of AU$89.8 million for the half, up 2.5 per cent on the same half in 2011, and net profit after tax of AU$5.8 million, up 18 per cent.

Services revenue was up. Within the digital brand services division, the company had managed 146 .brand applications for gTLDs, he continued, of which 110 have committed to five year registry services contract, the revenue for which Melbourne IT would see in 2013 when the .brand names are expected to go online.

The SMB operation's revenues were down because of Microsoft customers migrating from Microsoft's Office Live Small Business Service, which had encompassed hosting and cloud email with addresses from Melbourne IT. Microsoft replaced the service from Office 365.

The migration meant that Melbourne IT call centre volumes increased significantly, and the portal was reportedly also taken down by the volume.

This business had also been affected by an incident in January, when fraudulent credit card numbers were being used to attempt to purchase services from its website, causing high traffic volumes, which impacted the service for legitimate customers.

Melbourne IT's technology transformation program will see AU$3 million in savings in the second half of the year, according to the company. However, the total project cost will increase from AU$25 million to somewhere between AU$28 million and AU$30 million, and its completion date will be delayed by six months, due to additional fixes and functionality.

Show Comments