Connect with us

Hi, what are you looking for?



Australian Government Says Its Data Was Stolen in Law Firm Ransomware Attack

The Office of the Australian Information Commissioner (OAIC) says some of its files were stolen in a ransomware attack on law firm HWL Ebsworth.

The Office of the Australian Information Commissioner (OAIC) says some of its files were stolen in a ransomware attack on law firm HWL Ebsworth.

One of the largest law firms in Australia, HWL Ebsworth says in an incident notice on its website that it became aware of the incident on April 28, after the Alphv/BlackCat ransomware gang boasted about the hack, and that it immediately informed the Australian authorities and started investigating the incident.

“The investigation indicates the threat actor had accessed and exfiltrated certain information on a confined part of the firm’s system, but not on our core document management system,” the law firm explains.

On June 9, HWL Ebsworth says, the ransomware group published on their leak site some of the data allegedly stolen from its systems, suggesting that the firm did not cave in to the gang’s ransom demands.

The law firm says it has yet to determine the full impact of the data breach and that it will notify all individuals whose personal information might have been compromised.

A full-service commercial law firm and the largest partnership among Australian law firms, HWL Ebsworth serves organizations across multiple sectors, including dozens of federal or state government departments.

OAIC, the Australian privacy and freedom watchdog, is one of HWL Ebsworth’s clients to have disclosed impact from the data breach.

Advertisement. Scroll to continue reading.

“On Saturday 10 June, HWL Ebsworth advised the OAIC that a document or documents relating to a limited number of OAIC files were included in the breach experienced by HWL Ebsworth,” OAIC said in a statement.

The incident reportedly impacted the NDIS Quality and Safeguards Commission, the Australian Federal Police, the Commonwealth Director of Public Prosecutions, the Department of Defence, the Department of Home Affairs, the Department of Foreign Affairs, and the Taxation Office as well.

The National Australian Bank (NAB), one of the four largest banks in the country, also disclosed some impact from the incident, stating that a small percentage of its customers might have been affected.

“We are aware that HWL Ebsworth, a law firm engaged by NAB for some legal services, has been impacted by a cyber-attack. NAB’s systems were not impacted and remain secure. We are working with HWLE as they continue to get more information in relation to the content of these matters,” NAB said.

The Alphv/BlackCat ransomware gang has leaked roughly 1.5 terabytes of data from the roughly 3.6 terabytes it allegedly stole from HWL Ebsworth. Last week, the law firm was granted an injunction restricting everyone, including the media, from discussing what information was stolen.

Related: Ransomware Gang Takes Credit for February Reddit Hack

Related: A Russian Ransomware Gang Breaches the Energy Department and Other Federal Agencies

Related: US Organizations Paid $91 Million to LockBit Ransomware Gang

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...