At least 40 Australian government agencies that hold sensitive information are feared to have become victims of the Russian cybercriminal group AlphV.
Departments such as Home Affairs, the Australian Taxation Office, Office of the Australian Information Commissioner (OAIC), the Defence Department, and the Australian Federal Police have been impacted by the database hacking of HWL Ebsworth—an Australian commercial law firm that has tens of millions of dollars worth of government contracts.
Approximately 1.45 terabytes of sensitive information were allegedly published by the hacking grouping on the dark web on June 8.
Meanwhile, the Attorney-General’s Department has established a working group to analyse the extent of the data leaks, reported The Australian.
The Epoch Times has contacted the Attorney-General’s Department to seek clarification on the operations of the working group but was referred to the Department of Home Affairs.
The Department of Home Affairs has been contacted for comment.
While the hacking incident has only impacted HWL Ebsworth’s database rather than the government agencies themselves, there are concerns that sensitive data will be compromised. Such data includes company credentials, client documents, and legal advice provided to the agencies.
Other agencies and departments that are clients of HWL Ebsworth include the Prime Minister and Cabinet, Treasury, Education, Agriculture, Fisheries and Forestry, Industry, Science, and Resources, and the Department of Foreign Affairs (DFAT).
Additional agencies include ASIC, the Parliamentary Budget Office, the Fair Work Ombudsman, and the Aged Care Quality and Safety Commission.
The ATO told The Epoch Times in a statement that while it could not publicly comment on its “cyber security posture,” it was aware of the cyberattack at HWL Ebsworth. The ATO has also urged taxpayers to be on alert and to contact the ATO if they have been notified, been a victim of a breach, or have found issues accessing online systems.
The office of Federal Cyber Security Minister Clare O’Neil said it was investigating the potential impact on government data, reported The Australian.
“The government continues to actively engage HWL Ebsworth as it investigates the extent of the breach, including impacts on commonwealth information,” the spokesperson said.
“HWL Ebsworth first reported a cyber incident involving ransomware and claims of data exfiltration and publication to the dark web on 1 May 2023.
“The government is working with HWL Ebsworth to understand and manage potential consequences of the publication of the data. As this matter is the subject of an ongoing joint investigation between the AFP and Victoria Police, it would not be appropriate to comment further.”
Injunction Against Cyber Hacking Group
On June 12, HWL Ebsworth was granted an injunction by the Supreme Court of NSW to prevent hacking group AlphV from disclosing the stolen data online. The hacking group was also ordered to take down the data immediately. The injunction order was served using the contact information provided in three emails that demanded a ransom payment, which HWL Ebsworth had previously said it would not be paying.However, HWL Ebsworth managing partner Juan Martinez admits there are “practical limits” to enforcing the injunction.
Opposition Responds
In a June 16 statement, Opposition cyber security spokesman James Paterson said that the Coalition was concerned by the hacking of government data.“Protecting Australian Government data is more important than ever in light of recent significant cyber incidents and our current strategic environment,” Paterson said.
“The Albanese Government must take every action necessary to secure the compromised data.
“This requires complete transparency about what data has been stolen, the implications of the breach and measures being undertaken to inform and support affected third parties.”
Paterson added that the Albanese government has yet to exercise powers under the Magitsky-style laws to “sanction individuals who engage in egregious, offensive cyber activity against Australia.”
HWL Ebsworth has said it prioritises the safety and privacy of its client and employee data.
“We continue to work with the Australian Cyber Security Centre, the Office of the Australian Information Commissioner and all relevant government authorities and law enforcement. We will continue to provide updates as we progress our response,” a spokesperson said, reported The Australian.
The Epoch Times has also reached out to HWL Ebsworth and the Defence Department but did not receive a response by press time.