Welcome to the Spotless IT Incident Response Webpage

This page has been created to provide information regarding an IT Incident, commencing October 2020.

Tip:  Please make this web page a favourite or save to your device.



Latest News

13th October 2020


Update on unauthorised access to Spotless IT systems

What happened?

On 8 October 2020, we detected malicious activity on our Spotless IT network as a result of ransomware being deployed on a number of Spotless servers. We are treating this incident as a high priority and have allocated significant resources to manage the response. We have notified the ACSC and the NZ CERT.

What are we doing?

Since becoming aware of the activity, we have been working with leading external cybersecurity consultants to contain and investigate the incident.

Our businesses have enacted their Business Continuity Plans which allow us to continue to provide services to our customers. We are working around the clock to resolve the outage and minimise any impact on you.

Our immediate steps have been to:

  • Ring fence all impacted systems and services and remove external links to prevent any propagation of the impacts
  • Install additional tools that help us understand and monitor real time-critical events in our systems
  • Ensure the separation between the impacted systems and servers from the remainder of our environment

Has data been impacted?

At this stage, we have no evidence that any of our customers’ data has been impacted. If we discover there has been unauthorised access to any confidential client data, or personal information, we will contact those affected directly and provide advice of relevant steps that need to be taken in response.

Way forward

We will continue to provide you with updates.

Thank you for your understanding and patience and for your continued support as we manage this challenge that is being faced by many companies.

If you have any further questions please contact our dedicated incident email address at incidentenquiry@spotless.com.au


8th October 2020

The Downer IT team has detected suspicious activity involving unauthorised access to a number of Spotless servers.

We are investigating this activity, with the assistance of experts, and believe it is linked to ransomware.

As an initial response, we have restricted access to a number of Spotless servers.

We have enacted our Business Continuity Plans which allow us to continue providing services to our customers.

If we discover there has been unauthorised access to confidential data, we will contact those affected directly.


Disclaimer:  This webpage has been created to support Spotless employees and delivery partners. Information contained on this webpage is not intended for any other purpose.