Notice of Cyber Security Incident

16 June 2021

GATELEY (HOLDINGS) PLC

("Gateley" or the "Company" or the "Group")

Notice of cyber security incident

Gateley (AIM: GTLY), the legal and professional services group, reports that it is currently managing a cyber security incident after discovering an intrusion into its systems from a now known external source. The intrusion was quickly identified by the Company's IT team and it acted immediately to secure the Company's systems. Based on the information gathered to date, the Company is confident that its security controls were effective in limiting the impact of the incident.

The Company took some of its systems offline while it undertook necessary extensive investigations into the incident, supported by a professional cyber security support team mobilised as part of its cyber security insurance facility. The Company has carefully but rapidly re-established its core systems to enable its staff to continue to work and communicate with its clients. The Board has seen no evidence that the financial performance of the Company has been impaired.

Investigations will continue over the next few days. To date, the Company is confident that the incident has been confined to a very small part of its data store, amounting to approximately 0.2% of the Company's data. The impacted data was traced quickly and deleted from the location to which it had been downloaded and there is no evidence currently to suggest that this data has been further disseminated. The impacted data did include some client data and, when the Company's investigations are further progressed, those clients that have been affected will be notified. The Company has already notified the relevant regulators and law enforcement agencies, as well as the Information Commissioner's Office.

Rod Waldie, Chief Executive Officer of Gateley, said: "IT security is of paramount importance to Gateley and we had carefully planned for the occurrence of risk that a cyber breach could have on the business.  Incidents of this nature are, sadly, prevalent. I am grateful that the prompt actions of our IT team have limited the impact of this incident and enabled us to resume our business operations swiftly.

We are continuing to work with specialist cyber security professionals to investigate the incident and identify any parties that may have been affected and we will, of course, contact anyone affected in due course. In the meantime, we are restoring all of our systems in a safe and secure manner as quickly as possible and do not expect at this stage any significant disruption to our day-to-day activities or financial performance."

The Company will inform the market if there are any notifiable changes to the situation.

Enquiries: