By Perry Duffin
A prominent Sydney law firm with close links to the NRL and A-League has been targeted by foreign cyber-attackers who are now extorting the business over hundreds of gigabytes of confidential documents.
Brydens Lawyers, whose name sat on the front of Wests Tigers jersey for a decade, was hit by a cyberattack around February 20.
Brydens Lawyers is led by former Wests Tigers chairman and lawyer Lee Hagipantelis.Credit: James Brickwood
The hackers stole more than 600 gigabytes of data related to the firm, its clients and cases, and even staff.
The firm’s principal, Bandeli “Lee” Hagipantelis, warned employees the threat against the “integrity” of the firm’s internal systems was discovered and confirmed less than a week ago.
“It appears that there has been a very significant and potentially damaging security breach of the firm’s server and the integrity of our data,” he wrote on Friday, as soon as the hack was discovered.
Since then, the firm’s digital systems were taken offline and security hardened as Brydens called in external advisers, lawyers and security experts.
Wests Tigers in February 2024, the final year Brydens held the major sponsorship of the club before parting ways that year.Credit: Getty
The data is now being used by foreign actors to extort a ransom from the firm.
Brydens is one of the country’s biggest firms with offices across Sydney and regional NSW.
The firm ordinarily posts messages about new sponsorship details with local and professional sporting teams and clubs including Newcastle Jets and, most recently, the North Tamworth Bears.
But on Thursday, Hagipantelis posted a far darker message to its website as it alerted clients to the breach.
“We are taking this breach very seriously and have reported the incident to the Australian Cyber Security Centre and the Office of the Australian Information Commissioner,” Hagipantelis wrote.
“Once our investigations are complete, we will work with the relevant parties to ensure that all appropriate steps are taken and will notify individuals as required to provide guidance and support.”
“We can confirm that security of our IT system has been restored.”
As legal offices are entrusted with reams of highly sensitive, highly confidential documents, Brydens is not the first firm to suffer what is known as a “ransomware” attack.
Just one month earlier, in mid-January, staff of New Zealand firm Bell and Graham returned from their Christmas break to find their server had been breached.
“Since being informed of the compromise, we have been working hard to understand the scope of what has happened and identify those impacted. We appreciate your patience as we work through this situation which has been a stressful one for our team,” the firm’s statement says on their website.
Two years ago, a Russian-linked group calling itself ALPHV/BlackCat claimed to have “exfiltrated data” from HWL Ebsworth, another large Australian firm.
The hackers took about four terabytes of data, seven times the size of the Brydens breach, and dragged in more than 60 government departments who had used the firm for work on tenders.
The NSW Supreme Court issued an injunction to prevent people from accessing the stolen files.
Start the day with a summary of the day’s most important and interesting stories, analysis and insights. Sign up for our Morning Edition newsletter.