NewsBite

Advertisement

This was published 1 year ago

More sensitive Optus data leaked in major cyberattack on law firm

By Anthony Galloway

Optus has been caught up in another major cyberattack, with sensitive information about a privacy watchdog investigation into the mobile-phone company breached by Russian hackers.

The Office of the Australian Information Commissioner is one of dozens of government departments and agencies scrambling to find out how much of their data has been breached in a hack attack on Australian law firm HWL Ebsworth.

The hack on HWL Ebsworth has been described as one of the biggest data breaches in Australia’s history.

The hack on HWL Ebsworth has been described as one of the biggest data breaches in Australia’s history.Credit: Bloomberg

Among the hacked data is information relating to an OAIC investigation into Optus that began in the middle of 2021.

This is separate to the OAIC’s ongoing investigation into the cyberattack on Optus in September last year that resulted in about 10 million current and former Optus customers’ personal details being stolen.

It is unclear whether the stolen information in the latest cyberattack on the law firm also includes the personal information of Optus customers.

Optus said it was aware of the data breach and had asked the OAIC to “clarify the extent to which Optus information has been affected in this data breach involving files held by HWL Ebsworth”.

The OAIC told this masthead it would “review the Optus documents once provided by HWL Ebsworth and notify affected individuals”.

The law firm would not comment on the stolen Optus documents, but said it was continuing to work through a “detailed and comprehensive review of the impacted data and informing impacted third parties and individuals as swiftly as it can”.

Advertisement

“We have an ongoing engagement with relevant authorities in relation to this process, including the Office of the Australian Information Commissioner,” HWL Ebsworth said.

Loading

The attackers – a Russian-linked criminal gang known as BlackCat, or AlphV – stole extensive data from the law firm in April and claim to have published 1.45 terabytes of its data on the dark web.

HWL Ebsworth has undertaken work for scores of other government departments and agencies over the past decade, including Defence, Home Affairs, the Australian Federal Police and Services Australia.

It also counts the nation’s four largest banks as clients.

The Australian Cyber Security Centre, which is part of the nation’s cyber spy agency, the Australian Signals Directorate, is providing technical advice and assistance to the law firm as it responds to the hack.

Loading

Home Affairs Minister Clare O’Neil said: “The Australian government continues to work with HWL Ebsworth to understand the extent of information exposed by the breach. This process is ongoing.”

The opposition’s cybersecurity spokesman, James Paterson, accused the government of not having taken the cyberattack on the law firm seriously enough since it was reported on May 1.

“It is not good enough that we keep learning by a drip feed in the media every week of a new government agency, or new pieces of sensitive information they were holding, that has been breached in the HWL Ebsworth attack,” Paterson said.

“It should have been clear from day one that given they were a major legal services provider to government this was going to have serious ramifications.

“And yet, the government remains on the back foot, reacting to this crisis as it evolves. It’s long past time they fronted up and explained what they know about the severity of this attack and what sensitive information has been compromised.”

Australian companies have been hit by a wave of serious cyberattacks over the past year, with hacks on Optus, Medibank and HWL Ebsworth among the worst data breaches in the country’s history.

The government recently appointed senior Air Force commander Darren Goldie to become Australia’s first co-ordinator for cybersecurity. He will work across the government to respond to cyber hacks and threats.

Cut through the noise of federal politics with news, views and expert analysis from Jacqueline Maley. Subscribers can sign up to our weekly Inside Politics newsletter here.

Most Viewed in Politics

Loading

Original URL: https://www.brisbanetimes.com.au/link/follow-20170101-p5dkii