• search navSearch
  • English
  • Login
 
 

Cyber incident updates

 

Latest update

Update: 20 May 2026

Following our statement of 5 May 2026, we are providing a further update regarding the recent cyber incident.

Upon identification of the incident, ALS implemented immediate technical and organisational containment measures in accordance with its incident response protocols. These measures included enhanced monitoring of network activity, isolation of affected environments and securing unaffected systems.

ALS operations have been restored, and containment activities are complete.

Importantly, ALS client portals are operating as normal and are secure to use. Our email and communications systems were also not impacted by this incident and continue to operate as normal, and it remains safe to communicate with us.

We continue to work closely with our internal teams and external cyber security specialists to understand the full scope of the incident, including assessing whether there has been any impact to data. If we identify that any client information has been impacted, we will contact relevant parties directly and immediately.

We will continue sharing further relevant information as it becomes available, with a focus on ensuring any information we communicate is accurate and verified.

If you have any questions in the meantime, please speak with your usual ALS representative or submit an enquiry via the contacts section below.

 
 
 

Previous updates

  • 5 May 2026

    ALS Limited (ASX: ALQ) has recently identified malicious cyber activity involving unauthorised third-party access to some of our IT systems.

    The incident caused temporary disruption to parts of the Group’s operations.

    Our IT and security teams, supported by external cyber incident response specialists, immediately took and continues to deploy containment action, in line with our incident response procedures.

    The vast majority of ALS operations have been restored and are currently operational, with targeted remediation continuing in specific areas.

    We have also notified the Australian Cyber Security Centre and will coordinate with our clients, relevant government agencies and regulators.

    The security and privacy of all information entrusted to us is a responsibility we take seriously. ALS continues to investigate the incident to understand the full extent and potential impacts to data and is working as quickly as possible to provide certainty for all stakeholders.

    This announcement was authorised for release by the Chair of the Board.

Frequently asked questions

  • What has happened?
    ALS has recently identified malicious cyber activity involving unauthorised third-party access to some of our IT systems. The incident caused temporary disruption to parts of the Group’s operations across multiple geographies. The majority of ALS operations have been restored, with targeted remediation continuing in specific areas.
  • Has ALS reported this incident to the relevant authorities?
    Yes. ALS has notified the Australian Cyber Security Centre, and is coordinating with relevant government agencies and regulators.
  • What is ALS doing to respond?

    Our IT and security teams, supported by external cyber incident response specialists, took immediate containment action when the incident was identified, and continue to do so in line with our incident response procedures. ALS continues to investigate the incident to understand the full extent and potential impacts to data and is working as quickly as possible to provide certainty for all stakeholders.

  • Has my data been affected?
    We are investigating what data, if any, has been impacted. We are committed to providing more detailed update as soon as our investigation progresses.
  • Can I rely on ALS test results and data?
    The integrity of test results has not been impacted. Your results can continue to be relied upon.
  • Are client portals safe to use or is there a chance that my company systems could be infected?
    ALS client portals were not subject to the malicious activity and continue to operate as normal. You can continue to engage with these systems with no elevated risk to your data and no risk of infection of your own systems.
  • Has ALS’ email and communications been impacted?
    No. ALS’ email and communications environment has not been impacted by this incident. These systems operate in a separate environment to the affected systems and continue to operate as normal. You can continue to receive and open communications from ALS as usual. As always, we recommend remaining vigilant and verifying any unexpected requests.
  • Where can I find more information?
    This dedicated page includes the most up to date information. We will continue to update this page as more information becomes available.
  • What should I do?
    Please remain alert to any unusual or unexpected communications. If you receive requests for sensitive information or changes to payment details, verify them through your usual ALS contact.
  • Who can I contact for more information?

    Please contact your usual ALS representative or refer to the contact details provided on this page.

 

Contacts


Media enquiries  ALS Media media@alsglobal.com
Investor Relations enquiries investor@alsglobal.com
Operational or service enquiries Contact your usual ALS representative
Cyber security enquiries


 
v.1.1.1406