Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
FIIG Securities

FIIG Securities Vendor Cyber Rating & Cyber Score

fiig.com.au

FIIG Securities (FIIG) is Australia’s largest fixed income specialist with over 6,000 investors and $5bn of funds under advice. FIIG offers Australian investors direct access to over 1,000 domestic and international Corporate Bonds, working with private clients, advisers, not-for-profit organisations and institutions to help them manage their fixed income investments. FIIG’s Debt Capital Markets team has also raised over $3.3b for over 100 corporates through the issue of Corporate Bonds. Founded in 1998, FIIG has offices in Brisbane, Sydney, Melbourne, and Perth and employs over 100 staff to assist investors with access to FIIG’s expertise and fixed income investment opportunities.


FIIG Securities A.I CyberSecurity Scoring

FIIG Securities
Company Information
Website:http://www.fiig.com.au
Employees number:80
Number of followers:11,981
NAICS:52
Industry Type:Financial Services
Homepage:fiig.com.au
FIIG Securities Risk Score (AI oriented)
Between 0 and 549
logo
FIIG SecuritiesFinancial Services
Updated:
31/03/2026
398/1000
Critical
C
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
FIIG Securities Global Score (TPRM)
xxxx
logo
FIIG SecuritiesFinancial Services
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

FIIG Securities
FIIG SecuritiesCritical
Current Score
398C (CRITICAL)
01000
3 incidents
-177 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
418Before Incident
JUNE 2026
415Before Incident
MAY 2026
406Before Incident
APRIL 2026
405Before Incident
MARCH 2026
396Before Incident
FEBRUARY 2026
564Before Incident
Breach
09 Feb 2026FIIG Securities
FIIG Securities: FIIG Securities hit with $2.5M penalty for cybersecurity failures

FIIG Securities Fined $2.5M for Cybersecurity Failures Leading to Client Data Breach

387After Incident
CRITICAL-177
FII1770674142
FIIG Securities Fined $2.5M for Cybersecurity Failures Leading to Client Data Breach Australia’s financial regulator, ASIC, has secured its first penalty of this kind, ordering fixed income specialist FIIG Securities to pay $2.5 million for cybersecurity failures that resulted in a breach exposing the personal data of 18,000 clients. The incident marks a significant enforcement action under Australia’s financial services laws, underscoring regulatory scrutiny on cybersecurity compliance in the sector. The breach stemmed from inadequate security measures, though specific details of the attack including the timeline and methods used remain undisclosed. The penalty reflects ASIC’s growing emphasis on holding firms accountable for safeguarding client information, particularly in industries handling sensitive financial data. The case sets a precedent for future enforcement, signaling that cybersecurity lapses may carry substantial financial consequences for financial services providers. No further details on remediation efforts or client notifications were provided.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Financial Loss: $2.5 million (fine)Data Compromised: Personal data of 18,000 clients
DATA BREACH
Type Of Data Compromised: Personal dataNumber Of Records Exposed: 18,000Personally Identifiable Information: Yes
JANUARY 2026
563Before Incident
DECEMBER 2025
559Before Incident
NOVEMBER 2025
555Before Incident
OCTOBER 2025
552Before Incident
SEPTEMBER 2025
548Before Incident
AUGUST 2025
544Before Incident
MAY 2023
718Before Incident
Ransomware
19 May 2023FIIG Securities
FIIG Securities: FIIG Securities Fined AU$2.5 Million Following Prolonged Cybersecurity Failures

FIIG Securities Fined AU$2.5M for Prolonged Cybersecurity Failures Leading to Major Data Breach

397After Incident
CRITICAL-321
FII1770717211
FIIG Securities Fined AU$2.5M for Prolonged Cybersecurity Failures Leading to Major Data Breach Australian fixed-income firm FIIG Securities has been fined AU$2.5 million by the Federal Court after failing to protect client data from cyber threats over a four-year period, culminating in a 2023 ransomware attack that exposed sensitive personal and financial information. The penalty marks the first time the court has imposed civil penalties for cybersecurity failures under an Australian Financial Services (AFS) license. The breach, attributed to the ALPHV/BlackCat ransomware group, occurred in May 2023 when a hacker infiltrated FIIG’s network and remained undetected for nearly three weeks, exfiltrating 385GB of data. Compromised information included names, addresses, driver’s licenses, passports, bank details, and tax file numbers belonging to 18,000 clients. FIIG only learned of the incident after being alerted by the Australian Signals Directorate’s Cyber Security Centre (ASD’s ACSC) on June 2, delaying its internal investigation by six days. The court found that FIIG had failed to implement basic cybersecurity measures between March 2019 and June 2023, including: - Poorly configured firewalls and irregular software patching - Lack of mandatory cybersecurity training for staff - Inadequate privileged access management and multi-factor authentication (MFA) - No up-to-date incident response plan or regular vulnerability scanning - Ineffective endpoint detection and response (EDR) tools - A poorly configured Security Information and Event Management (SIEM) system FIIG admitted to violating its AFS license obligations, acknowledging that stronger controls could have prevented or mitigated the breach. In addition to the fine, the firm was ordered to pay AU$500,000 toward ASIC’s enforcement costs and must now implement a compliance program overseen by an independent cybersecurity expert. ASIC Deputy Chair Sarah Court emphasized the case as a warning, stating that “inadequate controls put clients and companies at real risk”, while ASIC Chair Joe Longo stressed that cybersecurity requires continuous monitoring, not a “set and forget” approach. The ALPHV/BlackCat group, known for using compromised credentials, PowerShell scripts, and Cobalt Strike to disable security features, later claimed responsibility for the attack. The breach was discovered only after an employee was locked out of their email, revealing encrypted files and wiped backups. While FIIG restored some systems, critical data was permanently lost. The case sets a precedent for cybersecurity enforcement in Australia’s financial sector, with experts noting that regulators now expect firms to align protections with data sensitivity, business scale, and potential attack impact.
INCIDENT DETAILS -
TYPE
Ransomware
IMPACT
Financial Loss: AU$2.5M fine + AU$500K enforcement costsData Compromised: 385GB of dataOperational Impact: Critical data permanently lost, systems restored partiallyLegal Liabilities: Violation of AFS license obligationsIdentity Theft Risk: High (exposure of PII, bank details, tax file numbers)Payment Information Risk: High (exposure of bank details)
DATA BREACH
Personally Identifiable Information (PII)Financial InformationNumber Of Records Exposed: 18,000 clientsSensitivity Of Data: High (driver’s licenses, passports, bank details, tax file numbers)Data Exfiltration: Yes (385GB exfiltrated)Data Encryption: Yes (files encrypted by ransomware)NamesAddressesDriver’s licensesPassportsTax file numbers
MARCH 2019
753Before Incident
Breach
01 Mar 2019FIIG Securities
FIIG Securities

FIIG Securities Data Breach

660After Incident
CRITICAL-93
FII946031525
FIIG Securities, an Australian financial services firm, faces legal action after a cybersecurity breach resulted in the unauthorized access and exposure of sensitive information belonging to 18,000 clients. From March 2019 to June 2023, FIIG reportedly had inadequate cybersecurity defenses, which led to a hacker penetrating their IT network and extracting about 385GB of confidential data, including client details, over a period from May 19 to June 8, 2023. The leaked information was later discovered on the dark web, posing significant risks to the affected clients.
INCIDENT DETAILS -
TYPE
Data Breach
MOTIVATION
Data Theft
IMPACT
Client DetailsBrand Reputation Impact: SignificantLegal Liabilities: Legal ActionIdentity Theft Risk: High
DATA BREACH
Type Of Data Compromised: Client DetailsNumber Of Records Exposed: 18,000Sensitivity Of Data: HighData Exfiltration: TruePersonally Identifiable Information: True

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for FIIG Securities ?
?
What was FIIG Securities's A.I Rankiteo Cyber Score in June 2026 ?
?
What was FIIG Securities's A.I Rankiteo Cyber Score in May 2026 ?
?
What was FIIG Securities's A.I Rankiteo Cyber Score in April 2026 ?
?
What was FIIG Securities's A.I Rankiteo Cyber Score in March 2026 ?
?
What was FIIG Securities's A.I Rankiteo Cyber Score in February 2026 ?
?
What was FIIG Securities's A.I Rankiteo Cyber Score in January 2026 ?
?
What was FIIG Securities's A.I Rankiteo Cyber Score in December 2025 ?
?
What was FIIG Securities's A.I Rankiteo Cyber Score in November 2025 ?
?
What was FIIG Securities's A.I Rankiteo Cyber Score in October 2025 ?
?
What was FIIG Securities's A.I Rankiteo Cyber Score in September 2025 ?
?
What was FIIG Securities's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on FIIG Securities's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with FIIG Securities ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view FIIG Securities's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?