Security News > 2023 > June > Data leak at major law firm sets Australia's government and elites scrambling
An infosec incident at a major Australian law firm has sparked fear among the nation's governments, banks and businesses - and a free speech debate.
The firm, HWL Ebsworth, has acknowledged that on April 28, "We became aware that a threat actor identified as ALPHV/BlackCat made a post on a dark web forum claiming to have exfiltrated data from HWL Ebsworth."
The lawyers therefore hired investigators, who confirmed that "The threat actor had accessed and exfiltrated certain information on a confined part of the firm's system, but not on our core document management system." The investigation reportedly revealed that over four terabytes of info leaked, including documents describing clients and staff, as well as negotiations between the firm and ALPHV/BlackCat over ways to keep the incident quiet.
HWL Ebsworth is the kind of big-end-of-town law firm that attracts governments and large corporates as clients.
The Office of the Australian Information Commissioner - the entity to which data breaches must be reported in Australia - has also admitted it's a client, and that HWL Ebsworth notified it some of its files were among the leaked trove.
The Register understands the firm has not paid a ransom and is not inclined to do so.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/06/20/hwl_ebsworth_cyber_incident/
Related news
- 5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage (source)
- Pokemon dev Game Freak confirms breach after stolen data leaks online (source)
- Troubled US insurance giant hit by extortion after data leak (source)
- Interbank confirms data breach following failed extortion, data leak (source)
- Ford investgates alleged breach following customer data leak (source)
- Ford investigates alleged breach following customer data leak (source)