The Office of the Australian Information Commissioner (OAIC) says some of its files were stolen in a ransomware attack on law firm HWL Ebsworth.
One of the largest law firms in Australia, HWL Ebsworth says in an incident notice on its website that it became aware of the incident on April 28, after the Alphv/BlackCat ransomware gang boasted about the hack, and that it immediately informed the Australian authorities and started investigating the incident.
“The investigation indicates the threat actor had accessed and exfiltrated certain information on a confined part of the firm’s system, but not on our core document management system,” the law firm explains.
On June 9, HWL Ebsworth says, the ransomware group published on their leak site some of the data allegedly stolen from its systems, suggesting that the firm did not cave in to the gang’s ransom demands.
The law firm says it has yet to determine the full impact of the data breach and that it will notify all individuals whose personal information might have been compromised.
A full-service commercial law firm and the largest partnership among Australian law firms, HWL Ebsworth serves organizations across multiple sectors, including dozens of federal or state government departments.
OAIC, the Australian privacy and freedom watchdog, is one of HWL Ebsworth’s clients to have disclosed impact from the data breach.
“On Saturday 10 June, HWL Ebsworth advised the OAIC that a document or documents relating to a limited number of OAIC files were included in the breach experienced by HWL Ebsworth,” OAIC said in a statement.
The incident reportedly impacted the NDIS Quality and Safeguards Commission, the Australian Federal Police, the Commonwealth Director of Public Prosecutions, the Department of Defence, the Department of Home Affairs, the Department of Foreign Affairs, and the Taxation Office as well.
The National Australian Bank (NAB), one of the four largest banks in the country, also disclosed some impact from the incident, stating that a small percentage of its customers might have been affected.
“We are aware that HWL Ebsworth, a law firm engaged by NAB for some legal services, has been impacted by a cyber-attack. NAB’s systems were not impacted and remain secure. We are working with HWLE as they continue to get more information in relation to the content of these matters,” NAB said.
The Alphv/BlackCat ransomware gang has leaked roughly 1.5 terabytes of data from the roughly 3.6 terabytes it allegedly stole from HWL Ebsworth. Last week, the law firm was granted an injunction restricting everyone, including the media, from discussing what information was stolen.
Related: Ransomware Gang Takes Credit for February Reddit Hack
Related: A Russian Ransomware Gang Breaches the Energy Department and Other Federal Agencies
Related: US Organizations Paid $91 Million to LockBit Ransomware Gang
More from Ionut Arghire
- Generative AI Startup Nexusflow Raises $10.6 Million
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
- Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers
- FBI Warns Organizations of Dual Ransomware, Wiper Attacks
- Lumu Raises $30 Million for Threat Detection and Response Platform
- Cisco Warns of IOS Software Zero-Day Exploitation Attempts
- Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits
Latest News
- Bankrupt IronNet Shuts Down Operations
- AWS Using MadPot Decoy System to Disrupt APTs, Botnets
- Generative AI Startup Nexusflow Raises $10.6 Million
- In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- National Security Agency is Starting an Artificial Intelligence Security Center
- CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
