Share this article on:
Files considered very sensitive by the Victorian state government have been posted on the darknet in yet another breach following the hack of law firm HWL Ebsworth.
The law firm confirmed today (14 July) that the documents were affected by the April hack, and the chief information security officer is taking the matter “extremely seriously”.
“Following its announcement in April 2023 of a major cyber breach,” Victoria’s CISO said in a statement, “law firm HWL Ebsworth has now confirmed that information relating to its work with several Victorian Government departments and agencies has been released by cyber criminals to the dark web”.
A number of departments are affected by the data breach, and HWL Ebsworth is working closely with the affected departments to work out exactly what data has been impacted. According to a Victorian government spokesperson, the government has been advised that data is very sensitive.
As the government identifies those affected by the data breach, direct contact will be made with all victims.
“Where that information relates to members of the Victorian community,” the state CISO said, “departments and agencies will make direct contact with those impacted as soon as possible to provide tailored advice and support because we know data breaches can be distressing, especially when personal information is involved”.
For now, however, the Victorian government is only aware that the legal files are “highly sensitive”.
“We are continuing to work with HWL Ebsworth to understand the extent of the compromise. We have been advised by HWL Ebsworth that information affected includes highly sensitive documents from legal files with state government departments and agencies,” the spokesperson told The Sydney Morning Herald.
The news comes after the newly appointed national cyber security coordinator made further comments on the HWL Ebsworth hack.
“Yesterday, I convened a National Coordination Mechanism (NCM) meeting with relevant government agencies, both from the Australian government and states and territories, and HWL Ebsworth regarding impacts to HWL Ebsworth’s affected industry clients,” said Air Marshal Darren Goldie, who was appointed to the role on 13 June 2023.
“The NCM meeting provided HWL Ebsworth [with] an opportunity to update on their engagement with impacted clients. Impacted clients assessed to date include government agencies and businesses from the financial services, health, transport, energy and resources, and construction sectors.”
“This is an evolving incident, and there may be additional impacted entities that have yet to be identified. As information continues to come to light, I am committed to keeping the community updated with information I am able to publicly share.”
HWL Ebsworth is continuing to work with stakeholders and the Office of the Australian Information Commissioner.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.