Incident: Cyber attack on Victoria’s court system may have exposed recordings of sensitive cases | ABC News Australia
Australian Court Ransomware Attack, 02 January 2024
Cyber attack on Victoria’s court system may have exposed recordings of sensitive cases
The Qilin ransomware attacked the court system’s audio-visual archive, which staff discovered on December 21
Company Statement: COURT SERVICES VICTORIA – CYBER INCIDENT: Tuesday, 2 January 2024
Source: Cyber attack on Victoria’s court system may have exposed recordings of sensitive cases | ABC News Australia
View more incidents relating to Legal and Law sector, and other Victoria incident reports.
Victoria’s court system was the target of a ransomware attack, which an independent expert believes was orchestrated by Russian hackers. With hackers accessed an area of the court system’s audio-visual archive, which may contain recordings of hearings from highly sensitive cases.
In an update on Tuesday morning, CSV said:
- County Court cases had been most severely affected. All criminal and civil hearings recorded on the network between November 1 and December 21 may have been accessed – including at least two cases involving historical and child sexual abuse.
- The Supreme Court was also hit hard, with recordings from the Court of Appeal, the Criminal Division, the Practice Court, and two regional hearings in November possibly accessed.
- No hearings from the Children’s Court have been compromised from November or December, but one hearing from October may have remained on the network.
- Some committal hearings from the Magistrates Court were affected, but there were none from VCAT.
- Court Services Victoria is trying to notify people whose court appearances have been accessed by hackers, and has set up a contact centre for people who believe they may have been affected.
The attack was discovered on December 21, when staff were locked out of their computers and messages appeared on screens reading “YOU HAVE BEEN PWND”. The hackers threatened to publish files stolen from the court system, and directed them to an address on the dark web for instructions on how to recover the files.
The attack is likely the work of Russian hackers using commercial ransomware known as Qilin, according to a cyber security expert.
Court operations have not been affected, and hearings in January will proceed as usual.