EmployeeServe and InvestorServe incident

Dated 14 November 2025

BoardRoom recently detected unauthorised activity on a small number of EmployeeServe and InvestorServe accounts involving legitimate login credentials obtained from external sources (commonly known as ‘credential stuffing’). This activity was limited to a small number of accounts and did not involve ClientOnline or AdvisorServe.

As soon as the activity was detected on EmployeeServe and InvestorServe, BoardRoom locked the accounts involved and put measures in place to prevent any risk of recurrence.

We are now in the process of notifying companies involved and individuals whose accounts were involved, which equates to a very small portion of our users, to provide guidance and support. Individuals with locked accounts will need to call BoardRoom to verify their identity and unlock their accounts.

Our response to this incident has been supported by experts from across the cybersecurity industry and we have notified the relevant government agencies, including the Australian Cyber Security Centre (ACSC) and the Office of the Australian Information Commissioner (OAIC).

We are mindful in events like this for the possibility of secondary scam activity. We recommend you remain vigilant against the risk of phishing emails and scams and only respond to emails from us with our domain name “boardroomlimited.com.au”.

Any questions should be directed to our dedicated response team on incidentresponse@boardroomlimited.com.au