Victoria government officials confirmed on Friday that malicious actors have leaked highly sensitive legal files belonging to its departments and agencies. The cybercriminals reportedly obtained the information following a data breach of HWL Ebsworth in April. It is highly likely that the released data also contains personal information.
“We are continuing to work with HWL Ebsworth to understand the extent of the compromise. We have been advised by HWL Ebsworth that information affected includes highly sensitive documents from legal files with state government departments and agencies,” said a spokeswoman for the Victoria government.
“We know this could be a distressing situation for the people affected, and we are working to notify all those affected as soon as possible,” the spokeswoman added.
Criminals Likely Leaked Data to Squeeze Ransom Payment
HWL Ebsworth, a law firm, has commercial and government clients in every Australian state and territory. In fact, the Office of the Australian Privacy Commissioner was one of several government departments that was taking stock of how much of their data was breached in the April hack.
It is currently unclear exactly how much sensitive data was stolen. However, it is likely that the malicious actors have a large trove of data, and released the Victoria government files to pressure HWL Ebsworth into paying a ransom.
“It’s likely that the attacker has been attempting to leverage their position in order to increase their extortion demands,” John Burgess, who manages cyber security and IT programs at Victoria University, told the Australian Associated Press.
“It’s quite a common practice of these groups to drip feed the information because that puts more and more pressure on the victim to comply with their demands,” Burgess added.
No Victoria Government Systems Affects, Says Chief Information Security Officer
Confirming the data leak, Victoria’s chief information security officer, David Cullen, said that there was no breach of the Victorian government’s IT systems. He added that the government would take measures to assist anyone affected.
“We are taking this matter extremely seriously, and are working in partnership with the Commonwealth government, and can confirm that there has been no direct breach of Victorian government IT systems,” Cullen stated.
“Where that information relates to members of the Victorian community, departments and agencies will make direct contact with those impacted as soon possible to provide tailored advice and support because we know data breaches can be distressing, especially when personal information is involved.”
BlackCat Behind HWL Ebsworth Hack
The Blackcat/ALPHV ransomware group claimed responsibility for the HWL Ebsworth hack. The Russia-linked group has previously targeted American organizations, and took credit for a cyberattack against Reddit in Februray.
HWL Ebsworth has already taken measures to support affected individuals. It has partnered with IDCARE, Australia’s national identity and cyber support community service, to provide free support to the victims.
“We have sought assurances from HWL Ebsworth on the cybersecurity protections applied to Victorian government data,” said chief information security officer Cullen. “Supporting impacted Victorians and their wellbeing, remains a top priority.”
Australian enterprises and citizens have suffered from a number of high-profile cyber attacks since last year, including the Optus breach. The incident is another reminder of the current precarious global cybersecurity environment, where an individual’s data can get leaked online through no fault of their own.
If you found this article interesting, we recommend reading up on our resources that might help you make informed decisions about keeping yourself safe online:
