ANNOUNCEMENTS

---

Tasmanian Botanics recently identified unauthorised access involving a staff account following the installation of malicious software on a staff device.

The affected account was used to distribute a phishing email to external contacts. Once identified, the incident was immediately contained with support from our external cybersecurity provider. The affected device was isolated, user access was secured, and additional monitoring and security measures were implemented across our systems.

At this stage of the investigation, there is no evidence that sensitive personal information held by Tasmanian Botanics has been accessed or compromised.

The impacted information appears limited primarily to email addresses and business contact information contained within the affected mailbox.

If you received a suspicious email referencing “Collaborative_Plan.pdf” or containing an unexpected shared file link, please delete the email immediately without clicking any links.

If you clicked the link or opened the file, we recommend taking the following precautionary steps:

• immediately change any passwords entered after clicking the link, including email or Microsoft 365 passwords,
• ensure multi-factor authentication (MFA) is enabled on all sensitive accounts,
• run a full antivirus or anti-malware scan on the device used to access the link,
• and monitor your accounts for any unusual activity over the coming weeks.

Tasmanian Botanics will never ask you to provide passwords or sensitive financial information via a shared PDF link.

We sincerely apologise for the concern this incident may have caused. We are continuing to work closely with cybersecurity specialists and have implemented additional safeguards to further strengthen system security.

For any questions or concerns, please contact info@tasmanianbotanics.com.