iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Following the major attack by Russian hackers on Australian law firm HWL Ebsworth, a government crisis group has been formed to establish what federal data has been stolen.
Led by the Attorney-General’s Department, the group will investigate the damage done by the Russian state-backed hacking group ALPHV (also known as BlackCat) during its recent attack on HWL Ebsworth.
On top of the announcement that the Office of the Australian Information Commissioner (OAIC) was affected by the HWL Ebsworth data breach, a number of government agencies, including the Australian Federal Police (AFP), Australian Taxation Office (ATO), the Commonwealth Director of Public Prosecutions, the Department of Defence and the Department of Home Affairs, were also reportedly affected.
While ALPHV did not directly access the systems of any of the above government devices, the threat group compromised the data of the agencies through a supply chain attack on HWL Ebsworth, granting it access to data belonging to the law firm’s clients.
The new crisis group was established following major concerns that the compromised data could contain information on legal advice that could make both the current government and the prior government look bad, as well as that of vulnerable individuals.
According to information given to The Australian, government agencies are holding daily meetings to determine which data was compromised. While a spokesperson from Home Affairs refused to reveal how many agencies were clients of HWL Ebsworth, it said that the government and the law firm are in talks to determine the impact the hack has had.
“The government continues to actively engage HWL Ebsworth as it investigates the extent of the breach, including impacts on Commonwealth information,” said the spokesperson.
“HWL Ebsworth first reported a cyber incident involving ransomware and claims of data exfiltration and publication to the dark web on 1 May 2023.
“The government is working with HWL Ebsworth to understand and manage potential consequences of the publication of the data. As this matter is the subject of an ongoing joint investigation between the AFP and Victoria Police, it would not be appropriate to comment further.”
It is known that clients include the Parliamentary Budget Office, Aged Care Quality and Safety Commission, Australian Securities and Investments Commission (ASIC), Services Australia, Department of Foreign Affairs, Finance, Education, Agriculture, Industry, Employment, Fisheries and Forestry, Science and Resources, and Prime Minister and Cabinet.
Be the first to hear the latest developments in the cyber industry.
