{{propApi.title}}
{{propApi.text}} {{region}} Change location{{propApi.title}}
{{propApi.successMessage}} {{region}} Change location {{propApi.title}}
{{propApi.text}} {{region}} Change location{{propApi.title}}
{{propApi.successMessage}} {{region}} Change locationHIA response to MOVEit Transfer software breach
HIA response to MOVEit Transfer software breach
Member and guest login
Enter your email and password to access secured content, members only resources and discount prices.
Did you become a member online? If not, you will need to activate your account to login.
If you are having problems logging in, please call HIA helpdesk on 1300 650 620 during business hours.
Forgotten password
Need some help?
If you are having problems logging in, please call HIA helpdesk on 1300 650 620 during business hours.
If the email address you have entered is registered, you will receive an email with further instructions.
Become part of the HIA community
Enables quick and easy registration for future events or learning and grants access to expert advice and valuable resources.
Create a guest account
Enter your details below and create a login
HIA did not share any financial, credit or accounting information. It is important to note that HIA’s own systems were not impacted by the incident.
Impacted individuals will be contacted with advice and support. If you have been impacted, you will receive this advice via email or by letter.
Find some frequently asked questions below
1. Why did I receive a notification letter?
HIA work with PwC, who provide a variety of professional services, including assurance and consulting advice and have historically utilised the MOVEit Transfer software to transfer data related to their engagement. A previously unknown security vulnerability in the MOVEit Transfer software meant that a third party was able to download files related to HIA and PwC’s engagement, and some of those files included your personal information.
Given the nature of your information that was accessed, PwC have sent you a notification letter with details of the incident and important information about actions you can take.
2. What is the MOVEit incident?
The MOVEit Transfer software application is used by a significant number of organisations worldwide to securely send and receive data. Up until recently, PwC Australia used the MOVEit Transfer software application to transfer or receive information for some of its engagements with its clients. A previously unknown security vulnerability in the MOVEit Transfer software meant that a third party was able to download files and information stored in the application. PwC Australia is one of the many organisations worldwide that has been impacted by the incident.
More detail about the incident is available on MOVEit’s website.
3. Whose fault is this?
A group known as Cl0p has claimed responsibility for the attack on the MOVEit Transfer software and the disclosure of the information obtained. Cl0p exploited a security vulnerability in the third party file transfer software called MOVEit Transfer.
More detail about the incident is available on MOVEit’s website.
4. Who stole the data?
A group known as Cl0p has claimed responsibility for the attack on the MOVEit Transfer software and the disclosure of the information obtained. However, as is common in data breaches, we do not know who else may have accessed the information which has been published since the incident.
5. What does this mean for me?
HIA did not upload any of your financial, credit or accounting records to MOVEit Transfer as part of PwC’s engagement with HIA and PwC has not identified any such information in their investigation.
Further, to our knowledge no individual has been the victim of identity theft or fraud. However, we recommend that you continue to monitor your data and personal information and be alert to any suspicious activity, i.e possible fraudulent emails, letters, phone calls and SMS messages. Please review the tips provided to you in your notification letter.
6. Could more of my data be leaked?
After becoming aware of the incident, PwC switched off the MOVEit Transfer software and promptly notified HIA of its documents which were affected.
7. How do I protect myself from this happening again?
Unfortunately Data breaches are on the rise globally. We suggest that you continue to monitor your personal information and be aware of suspicious activity.
8. PwC in partnership with IDCARE
PwC has partnered with IDCARE, Australia’s national identity and cyber support community service.
They have expert Case Managers who can work with you in addressing concerns in relation to personal information risks in instances where you think your information may have been misused. IDCARE’s services are at no cost to you.
If you wish to speak with one of their expert Case Managers please complete their online form.
Impacted members should have received a notification letter/email with a referral code. When engaging IDCARE please use the referral code included on your notification letter/email.
Please note that IDCARE is a separate entity independent of PwC and HIA. They are a registered Australian charity that specialises in identity security remediation and support. Please refer to IDCARE for further information and a copy of their Privacy Policy.
If you believe the data incident is causing you to suffer distress, try to reach out to family or friends or to one of the below support services for help:
Visit: Beyond Blue
Call: 1300 224 636
Visit: Lifeline
Call: 13 11 14
Note: If you believe you are at physical risk, please call emergency services (000) immediately.
9. Who is IDCare and what do they do?
IDCare is Australia’s national identity and cyber support community service. They have expert Case Managers who can work with you in relation to personal information risks in instances where you think your information may have been misused. IDCARE’s services are at no cost to you. If you wish to speak with one of their expert Case Managers please complete their online form.
IDCARE is available Monday to Friday 8am to 5pm AEST (excluding public holidays).
When engaging IDCARE please use the referral code included on your notification letter/email.
IDCARE services include:
- Specialist identity and cyber security case management that works with individuals to assess their unique risks and develop personalised response plans.
- IDCARE specialists include counselors and social workers as well as cyber technicians. In addition to pragmatic support, IDCARE can also extend Technical remediation support provided by cyber technicians, extended by IDCARE where it is deemed appropriate. IDCARE’s case managers are trained to anticipate, identify and respond to instances where specialist treatment is needed.
- Case management is confidential and each individual is provided their own unique client ID which limits what IDCARE needs to collect in order to assist individuals.
A plan for land is a plan for housing
“Adelaide, Brisbane and Perth are seeing residential land values grow at a rapid rate, while Sydney and Melbourne’s values remain relatively stable,” stated HIA Senior Economist Matt King.
New plumbing and drainage inspection procedures in Huntlee and-North Rothbury area
Plumbing and drainage inspections in the Huntlee and North Rothbury areas are moving from Cessnock City Council to Building Commission NSW.
BASIX transition period ending soon
The BASIX Transition period for eligible signed building contracts will end on 30 September 2024. BASIX Certificates must be generated by this date to apply the pre-1 October 2023 BASIX standards.
Lingering worker shortages see trade rates continue to rise
“As the number of new homes under construction continues to decline builders are reporting fewer difficulties scheduling skilled trades workers on their jobs, although availability of skilled workers remains worse than prior to the pandemic,” stated Geordan Murray, HIA Executive Director – Future Workforce.