Durrant Pate/Contributor

The authorities are confirming that stolen data relating to the day-to-day work of the Financial Services Commission (FSC) as a financial sector regulator, has been published on the Internet.

This represents a serious breach and is the subject of intensive investigation, as the FSC, Jamaica Cyber Incident Response Team (JaCIRT) and the Major Organised Crime & Anti-Corruption Agency (MOCA) probes the recent cyber-attack on the financial service regulator. 

In a joint statement released last evening (September 13) by the FSC, JaCIRT and MOCA, they confirmed that “the cyber event involved a ransomware attack by cyber criminals, who obtained unauthorised access to the FSC’s networks.”

The FSC first brought the matter to public attention on September 6, 2023, when it issued a press release advising that it experienced a cyber-event. As soon as the breach was detected, the FSC initiated its response plan, collaborating with JaCIRT, MOCA, the Financial Investigations Division and other Jamaican and international cybersecurity experts to assess and contain the threat.

Breach contained

The authorities are reporting that “the breach was contained within the FSC’s network systems, and over the past week the Commission has continued to work diligently with law enforcement partners and cybersecurity experts. The collaboration has been aimed at investigating the circumstances surrounding the attack, ascertaining the extent of the breach, implementing data recovery, and strengthening the Commission’s IT security infrastructure.”

According to the joint statement, “the FSC, JaCIRT, and MOCA are aware that data relating to the day-to-day work of the Commission as a financial sector regulator has been published on the Internet…While the investigations are ongoing, the Commission has strengthened its cybersecurity systems and bolstered its cyber resilience.”

The FSC says it has been working continuously with its partners to minimise delays, address inconveniences, and enhance communication. Effective immediately, licensees, registrants, and other stakeholders can reach out to the Commission with queries, comments, and concerns at the designated email address: [email protected].

The FSC, working with its partners reiterated its commitment to staying ahead of these malicious actors to maintain the security of its systems and the continuation of its essential regulatory operations. The financial services regulator is promising that further updates will be provided, as the investigations progress and as new information becomes available.