‘Highly sensitive’ Victorian government files leaked online by HWL Ebsworth law firm hackers
“Highly sensitive’’ Victorian government documents leaked online by Russia-linked hackers who hit HWL Ebsworth law firm
The Victorian government is the latest to confirm it has had “highly sensitive’’ documents released onto the dark web after they were stolen by the Russia-linked hackers who compromised the systems of law firm HWL Ebsworth.
The confirmation that data from several government departments and agencies had been leaked comes almost three months after the ransomware gang BlackCat, or AlphV, hacked into HWL Ebsworth’s Melbourne-based servers and stole four terabytes of data.
About a quarter of the data has been published on the dark web after HWL Ebsworth refused to pay a ransom.
Australia’s new cyber tsar Darren Goldie has also revealed that government agencies and businesses covering financial services, health, transport, construction, energy and resources had also been impacted by the hack, one of the largest in Australian history.
HWL Ebsworth also confirmed core identification documentation including passports, drivers licences and birth certificates had been compromised.
A Victorian government spokesperson confirmed the release of the Victorian data, which related to legal matters HWL Ebsworth had been involved in.
“We are continuing to work with HWL Ebsworth to understand the extent of the compromise,’’ the spokesperson said.
“We have been advised by HWL Ebsworth that information affected includes highly sensitive documents from legal files with state government departments and agencies.’’
The huge HWL Ebsworth law firm has actively targeted government work and represents hundreds of local, state and federal government agencies.
Like the federal government, the Victorian government would not reveal which agencies had been compromised.
Home Affairs Minister Clare O’Neil said last month: “HWL Ebsworth is a very significant incident and the Australian government is deeply concerned about it.
“I would place it in the realm of the most significant cyber incidents that we’ve experienced as a country over the last year, along with Latitude, Optus and Medibank.’’
Mr Goldie, appointed this month as Australia’s new National Cyber Security Co-ordinator, met this week with HWL Ebsworth and federal, state and territory governments to discuss the response to the hack.
“Impacted clients assessed to date include government agencies and businesses from the financial services, health, transport, energy and resources and construction sector,’’ he said in a statement posted on social media site LinkedIn.
“This is an evolving incident and there may be additional impacted entities that have yet to be identified.’’
Victorian government chief information security officer David Cullen said HWL Ebsworth had “now confirmed that information relating to its work with several Victorian government departments and agencies has been released by cyber criminals to the dark web”.
“We are taking this matter extremely seriously, and are working in partnership with the commonwealth government, and can confirm that there has been no direct breach of Victorian government IT systems,’’ he said.
“HWL Ebsworth is in direct contact with impacted departments and agencies to provide advice on the specific information that has been exposed.
“Where that information relates to members of the Victorian community, departments and agencies will make direct contact with those impacted as soon as possible to provide tailored advice and support because we know data breaches can be distressing, especially when personal information is involved.
“HWL Ebsworth has partnered with IDCARE, Australia’s national identity and cyber support community service, to support anyone affected by this incident. These services are available at no cost to individuals.
“The Victorian government expects all suppliers to maintain strong cyber security measures to protect government and community data, and we have sought assurances from HWL Ebsworth on the cyber security protections applied to Victorian government data.’’
More Coverage
Add your comment to this story
High Court dismisses CFMEU challenge
The court rejected a legal challenge to the federal government’s takeover of the CFMEU’s construction division, in a win for Labor and a defeat for the union’s sacked officials.
This is Libs’ chance to expose Labor on super tax
Offering to improve a bad tax policy and simultaneously behaving like the political grown-up in the room is a start. Over to you, Sussan Ley.
To join the conversation, please log in. Don't have an account? Register
Join the conversation, you are commenting as Logout