Aon says “containing impact” is central to cyber resilience, after Australian fintech platform youX reported a hacker had gained access to client data.

“No organisation can be fully prepared,” the broker’s cyber solutions group interim director Drew Trahms said. “The companies that recover fastest focus on five drivers of value protection: preparedness, strong leadership, swift decision-making, clear communication and the ability to adapt after an incident, rather than relying on prevention alone.”

She says Aon’s Global Cyber Risk Report shows businesses can “dramatically” reduce harm through their responses.

“In short, cyber resilience is no longer about stopping every breach, it’s about containing impact, protecting trust and demonstrating control when things go wrong, because how a business responds now determines whether a cyber event becomes a reputational crisis.”

YouX flagged a breach on February 9, saying: “We recently identified a potential security incident involving unauthorised access claims made by a third party in relation to systems used by youX.” 

It has engaged with authorities including the Office of the Australian Information Commissioner and the Australian Cyber Security Centre.

In an update on Tuesday, youX confirmed it had “identified unauthorised access to its systems, by a third party, as part of an ongoing investigation into an IT security incident. We are now aware that a threat actor has released data that it claims to have obtained as part of its unauthorised access.

“As a result, we have identified that personal information may have been compromised.”