Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
The SafePay ransomware gang claims to have stolen 15 gigabytes of data from the Matamata-based firm.
Law firm Bell & Graham, based in New Zealand’s Matamata region, has confirmed it was the victim of a recent cyber attack.
The SafePay ransomware gang listed Bell & Graham on its darknet leak site overnight, saying on 14 January that it had stolen 15 gigabytes of data. The dataset was published at the same time and appears to include legal correspondence and a large amount of identification documents.
SafePay is quite brief in its postings, listing only the size of the data stolen and sharing links to both a file listing and the data itself.
Bell & Graham told Cyber Daily it was made aware of the incident earlier this week.
“The incident was identified on Monday. Since then, we have been working with our IT provider and a specialist cyber incident response firm to respond,” a Bell & Graham spokesperson told Cyber Daily.
“This has included restricting access to elements of our IT systems while remediation and containment works are completed. We anticipate having improved access to our IT systems shortly. While we are operating with restricted IT resources, we are confident we can progress necessary client work.
“We are currently reaching out to our active clients and business community to inform them of the incident. Given the disruption to our IT systems, this has unfortunately taken some time, and we are sending out further notifications as we can.”
Bell & Graham said it had notified New Zealand’s Office of the Privacy Commissioner and CERT NZ. New Zealand Police’s cyber crime unit has also been informed.
As to the data published on SafePay’s leak site, Bell & Graham is working on validating exactly what data has been stolen.
“Our intention is to notify clients where their information has been impacted,” the firm’s spokesperson said.
“If the information listed on the website is published, we would of course remind people not to exacerbate any privacy and confidentiality concerns by accessing it or publishing it further.”
According to research by cyber security firm Huntress, SafePay only began operating within the last couple of months of 2024. The gang is thought to be Russian-speaking or based in Russia itself, as part of its attack process is scanning for systems that feature the Cyrillic character set as their default language.
Recent victims in the ANZ region include Triton Sourcing & Distribution in New Zealand and the Australian Centre for Heart Health.
Bell & Graham offers a range of legal services to clients in the Matamata region, including residential, rural or commercial property transactions, business transactions, limited licences, and trust and estate planning.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
