Select Page

Incident: Australian law firm HWL Ebsworth hit by Russian-linked Blackcat ransomware attack | The Guardian

Incident: Australian law firm HWL Ebsworth hit by Russian-linked Blackcat ransomware attack | The Guardian

Australian Law Firm Ransomware Attack, 02 May 2023

Updated: Australian law firm HWL Ebsworth hit by Russian-linked Blackcat ransomware attack

Hacking 4TB of data including IDs, finance reports, accounting data, client documents and credit card details.

Company Statement: UPDATE: FRIDAY 14 JULY
Source: Australian law firm HWL Ebsworth hit by Russian-linked ransomware attack | The Guardian

View more incidents from Legal and Law sector and other reports relating to ISO27k 8.7 Protection against malware.

This attack has been attributed to the cybercriminal group AlphV, which is also known as BlackCat, view the AlphV Australian Ransomware Attacks.

YouTube player

 

Big four banks caught up in cyber breach 22nd June 2023
The Office of the Australian Information Commissioner has had data stolen by the Russian criminal ransomware gang known as BlackCat, or ALPHV. The data was stolen through legal firm HWL Ebsworth, who the OAIC is a client – according to a report by The Australian.

YouTube player

 

Australia’s Privacy Watchdog Hacked By Russians 15th June 2023 NAB has confirmed data exposure after Russian hackers posted scarce details online. CBA, Westpac and ANZ are working with HWL Ebsworth to determine the law firm to determine their exposure.

YouTube player

 

Top secret defence files stolen by Russian hackers | 7NEWS 17th June 2023Sensitive government files and national military secrets have been stolen by Russian cyber hackers. It’s one of the largest defence breaches in Australian history but the prime minister has been quick to downplay the hack as a technical incident

YouTube player

 

Law firm investigates cyber hack data release claim | The West Australian 09 June 2023
The Tasmanian government said it had been contacted by the federal government about an “illegal release” of HWL Ebsworth data on the dark web. Minister for Science and Technology Madeleine Ogilvie said there was a nationally co-ordinated approach to investigating the impacts of the incident.
HWL Ebsworth, which has clients at either commercial or government level in every state or territory, on Friday said it had learned of the data release.

The Australian commercial law firm HWL Ebsworth has fallen victim to a ransomware attack, with Russian-linked hackers claiming to have obtained client information and employee data.

Late last week, the ALPHV/Blackcat ransomware group posted on its website that 4TB of company data had been hacked, including employee CVs, IDs, financial reports, accounting data, client documentation, credit card information, and a complete network map.

Blackcat was one of the top three ransomware groups targeting Australia according to a recent study by cybersecurity firm Palo Alto Networks.

Professional and legal services is one of the top targeted industries for such attacks, the Palo Alto study stated, with Australia the most targeted in the Asia-Pacific region.

(3/5/2023) The company has yet to provied comment or information on thie website or social media.

ANZ, CBA, NAB, Westpac
ADoD
OAIC
Taz Gov
Vic Gov https://www.theage.com.au/politics/victoria/highly-sensitive-victorian-government-documents-published-on-dark-web-20230714-p5dob1.html
Optus: https://www.smh.com.au/politics/federal/more-sensitive-optus-data-leaked-in-major-cyberattack-on-law-firm-20230629-p5dkii.html
federal Fair Work Ombudsman : https://www.itnews.com.au/news/fair-work-ombudsman-caught-up-in-hwl-ebsworth-breach-598070
Qld Gov https://www.qld.gov.au/transport/news/features/tmr-is-aware-of-a-cyber-incident-and-data-breach-impacting-law-firm-hwl-ebsworth
meanwhile, The Advertiser newspaper reported over the weekend that a small number of people had received notifications from the South Australian government relating to exposure to the incident.
WA Gov: https://www.abc.net.au/news/2023-06-30/wa-government-hwl-ebsworth-hack-alphv-ransomeware-gang-breach/102544166

 


About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Trackbacks/Pingbacks

  1. Incident: UPDATE NDIA data breach claimed to impact 11,000 “records” | iTnews – Canadian Cyber Watch - […] was also caught up in the HWL Ebsworth breach this year, which exposed information recorded in dozens of federal…

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please follow the Source link to the original article to support the content owner. We only provide a brief summary with metadata to assist in categorisation.

More Australian News

Unfolding in real time: Artificial intelligence is reshaping cybersecurity

Key takeaways The cybersecurity capability of next-generation frontier artificial intelligence (AI) models is increasing rapidly. Large language … [...]

NSW Government Bulletin: Managing employee social media content in the public sector

Over recent years, the increase in social media activity across different platforms has facilitated opportunities for employees to comment on a broad … [...]

Australia: Pixel Perfect – The regulator addresses use of tracking pixels

On 11 June 2026, the Office of the Australian Information Commissioner (OAIC) published two determinations against Medmate Australia Pty Ltd (Medmate) … [...]

Discover how modern corporate investigations are shifting from email to chat and encrypted apps. Learn essential strategies for defensible forensic… [...]

Australian Cyber Aware - As It Was 2606 - June 2026

This monthly review provides a curated summary of Australian and New Zealand cyber, privacy, and information security developments identified during … [...]

Key Trends in Cyber Security and Data Privacy (2026): a General Counsel lens - Governance Institute of Australia

Cyber security and data privacy are now core governance tests – demanding clear decision-making authority, disciplined escalation and evidence that … [...]

OAIC ordered to turn over Amex privacy determination in full

Australia’s privacy watchdog has been told to turn over full details of an investigation into American Express that uncovered security and access … [...]

How to stay cyber secure: Australia’s top cyber agency releases Privileged User Training video series

The new training series offers a pathway for IT professionals to strengthen their cyber security skills and better understand cyber criminal … [...]

NSW Rural Fire Service admits security incident

The NSW Rural Fire Service (RFS) is investigating a cybersecurity incident after a hacker gained access to its information and communications … [...]

Scams surge as cybercrime falls

Cybercrime declined in Australia last year, but fraud and scams bucked the trend and victims have given up complaining, the Australian Institute of … [...]

Generation Life confirms customers impacted in April cyber incident

Aussie investment firm Generation Life has confirmed that customer data was impacted in a cyber attack it suffered back in April. • Fri, 26 Jun 2026 • … [...]

In wake of KPMG scandal, government considers splitting accounting firms' auditing and consulting arms

Accounting firms could be asked to split their lucrative consulting services from their audit functions and individual firm partners could face far … [...]

Shares
Share This

Discover more from Australian Cyber Aware

Subscribe now to keep reading and get access to the full archive.

Continue reading