Slater + Gordon scandal: Cybercrime detectives close investigation email attack
A police probing of the ‘malicious’ email attack on major law firm Slater + Gordon which targeted senior executives and revealed the salary information of 900 employees had wrapped, with no criminal charges laid.
Cybercrime detectives probing the “malicious” email attack on major law firm Slater + Gordon which targeted senior executives and revealed the salary information of 900 employees have wrapped their investigation and laid no criminal charges.
Victoria Police on Thursday confirmed the investigation into the “premeditated and carefully planned” attack on the firm had been closed, almost four months after a company-wide email was sent impersonating former interim chief people officer Mari Ruiz-Matthyssen and criticising various senior executives of the firm.
“Detectives from the Cybercrime Squad have completed their assessment into this matter. Based on the information provided to police, no criminal offences have been detected,” a statement from Victoria Police reads.
“Any further information supplied to police in the future would be thoroughly assessed, however at this time the matter is considered closed.”
A Slaters spokesperson said the firm “hoped this matter would result in formal accountability” but respected the outcome of the investigation.
The email, which landed in inboxes on a Friday morning in February, was purportedly a note from Ms Ruiz-Matthyssen to her successor at the firm, but contained brutal character assessments of many of Slater + Gordon’s most senior lawyers and staff.
The Australian has chosen not to identify them but the observations include comments about senior figures at the firm such as “ruthlessly ambitious”, “lazy and unmotivated” and “senile and needs to retire”.
The email attached a spreadsheet of the salary and bonus information of 900 staff which appeared current to November last year.
In a statement released in February, Slater + Gordon said both the firm and Ms Ruiz-Mattyssen had made official reports of the incident to police.
Slaters confirmed in late March it had concluded an internal investigation into the incident, and believed a former employee with an intimate knowledge of the company’s cybersecurity systems was behind the attack.
At the time, the firm said it had “reasonable grounds” to suspect the former employee “who was aware of the firm’s security protocols and had previously been authorised to access certain data”.
The firm said it had referred the name of the former employee to the police.
In a statement released on Thursday, a Slaters spokesperson said the firm “notes Victoria Police has advised that it has reviewed all the available material in relation to the malicious email sent to Slater and Gordon staff in February and will not be proceeding with charges at this time”.
“While we had for what we continue to regard as a premeditated and carefully planned attack on the firm, we respect the role of Victoria Police and the outcome of their investigation,” the statement reads.
“The wellbeing of our people remains our priority. We took this incident extremely seriously and acted swiftly to support our staff.
“We are aware of speculation regarding the identity of the individual involved. The firm has consistently stated that we do not believe our former Chief People Officer, Mari Ruiz-Matthyssen, was responsible for the email, and that position remains unchanged. We do not propose to comment further on the identity of any other former employee.
“We remain committed to our people, to our clients, and to Slater and Gordon’s role as a leading social justice law firm.”
Ms Ruiz-Matthyssen last month launched civil legal proceedings against Slater + Gordon. In court documents seen by The Australian, she claims she told chief executive Dina Tutungi within half an hour of the email being sent that she suspected former payroll manager and convicted fraudster Bridgett Maddox was behind it.
According to the documents, Ms Ruiz-Matthyssen had been instrumental in sacking Ms Maddox after the payroll manager was suspended and investigated over the improper handling of a $200 gift voucher.
Ms Ruiz-Matthyssen alleges Ms Maddox texted her after the email was circulating saying that it brought her “glee” to see her impersonated as its author.
According to metadata of the spreadsheet, inspected by The Australian, the name “Bridgett” was listed as the author. Ms Maddox has previously said she had “nothing to do with the emails” and claimed someone may have impersonated her in the metadata.
Ms Maddox – under the name Bridgett Jones – has a lengthy history of fraud and theft, which culminated in her spending two years in prison from 2017 to 2019 for stealing more than $300,000 from her employers.
More Coverage
Second basketball team joins court fight against Kestelman’s NBL
The increasingly heated NSW Supreme Court stoush between the Illawarra Hawks’ Jared Novelly and NBL owner Larry Kestelman has been joined by another top-flight basketball team.
Westpac ‘resisted’ responding to bullying: Rams whistleblower
In her lawsuit against her employer, a Westpac risk officer alleges executives bullied her and failed to act on concerns which she raised about its home loans arm, Rams.