Page last updated on October 14, 2025
TREASURE GLOBAL INC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-10-14 17:29:39 EDT.
Filings
10-K filed on 2025-10-14
TREASURE GLOBAL INC filed a 10-K at 2025-10-14 17:29:39 EDT
Accession Number: 0001213900-25-098882
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity We maintain a comprehensive cybersecurity program designed to protect our information systems and digital assets, including identity and access management controls, network security monitoring, employee awareness training, and periodic third-party assessments. Our cybersecurity policies are reviewed by management and overseen by the board’s audit committee at least annually. We regularly evaluate emerging threats and update our security controls and incident-response procedures accordingly. Incident and Remediation Summary In May 2025, we detected unauthorized changes to our domain, DNS, and email configurations originating from administrative credentials retained by a former employee. The impact was limited to a brief email-routing disruption; all production systems remained fully operational. Based on internal reviews and independent external assessment, we found no evidence of data exfiltration or compromise involving customer data, financial information, or internal systems, and the issue was contained on the same day it was discovered. Upon detection, we immediately purged and rotated credentials across all critical systems, enforced company-wide multi-factor authentication, closed orphaned accounts, and moved registrar and DNS administration under centralized secure access controls. We also hardened email authentication (SPF, DKIM, DMARC), implemented registry-level domain locks and DNSSEC, and completed a secure migration of domain and DNS records to a new registrar environment. We have since completed a forensic investigation, automated off-boarding and access-revocation processes, established 24/7 SIEM/SOC monitoring for identity and domain anomalies, and conducted targeted cybersecurity training. Our domain, DNS, and email operations are now fully stabilized and secured, with quarterly access reviews and ongoing monitoring to ensure continued resilience. The incident did not have a material impact on our operations or financial condition.
Company Information
| Name | TREASURE GLOBAL INC |
| CIK | 0001905956 |
| SIC Description | Services-Business Services, NEC |
| Ticker | TGL - Nasdaq |
| Website | |
| Category | Emerging growth company |
| Fiscal Year End | June 29 |