Cyber Attack Takes Down Australia’s Peak Body In Charge of Privacy Breaches

Cyber Attack Takes Down Australia’s Peak Body In Charge of Privacy Breaches
Crop cyber spy hacking system while typing on laptop. Sora Shimazaki/Pexels
Henry Jom
Updated:

An Australian governmental body in charge of monitoring privacy breaches has fallen victim to a cyber attack following the hacking of one of the agency’s law firms.

Data from the Office of the Australian Information Commissioner (OAIC) was stolen by Russian cybercriminal BlackCat, also known as AlphV, after the hacking group infiltrated the database of HWL Ebsworth.

HWL Ebsworth is one of Australia’s largest commercial law firms and provides the OAIC with professional services.

This comes after four terabytes worth of company information, including employee details, were stolen by AlphV in April, with approximately 1.45 terabytes of sensitive information allegedly published by the hacking grouping on the dark web on June 8. However, it is unclear what data has been published, as HWL Ebsworth has a number of governmental and corporate clients.

“Cyber criminals who accessed our systems have now claimed to have published around one-third of the total data they say has been exfiltrated from our firm,” a company spokesman told AAP.

“We are investigating this claim and are seeking to identify what data may have been published.”

On June 12, HWL Ebsworth was granted an injunction by the Supreme Court of NSW to prevent hacking group AlphV from disclosing the stolen data online. The hacking group was also ordered to take down the data immediately. The injunction order was served using the contact information provided in three emails that demanded a ransom payment, which HWL Ebsworth has previously said it would not be paying.

However, HWL Ebsworth managing partner Juan Martinez admits there are “practical limits” to enforcing the injunction.

“However, we have taken this step with a view to preventing, as far as possible, any further broader access to or dissemination of the data. This includes seeking to prevent the media from accessing or publishing any of the data, or indeed any party,” Martinez said, reported the Australian Financial Review (AFR).
Martinez said he believes this to be the first time in Australia “that an injunction has been granted against cyber hackers in circumstances such as these.”

Tasmanian Government Caught Up in Company Hack

The Tasmanian government has also been a victim of the cyberattack after it was contacted by the federal government about an “illegal release” of HWL Ebsworth data on the dark web.

Approximately 16,000 financial invoices and statements that were issued by the state’s education department were stolen. AlphV has claimed responsibility for the cyberattack.

Minister for Science and Technology Madeleine Ogilvie said there was a nationally coordinated approach to investigating the impacts of the incident.

“This is concerning, and we are working closely with the Australian government to establish if any Tasmanian information has been impacted,” she said.

“While this may take some time considering the volume of data involved—we are taking swift action and will keep the Tasmanian community informed with further developments.”

HWL Ebsworth has said it will not submit to the hacker’s demand for a ransom payment.

“We take our ethical and moral duties to the community very seriously,” the company’s spokesperson said.

“We consider we have a fundamental civic duty to not, in any way, encourage or be seen to condone the criminal activity of extorting money by taking and threatening the publishing of other people’s data.

“The privacy and security of our client and employee data remains of the utmost importance.

“We acknowledge and understand the impact this may have, and we are communicating closely with our clients.”

HWL Ebsworth employs approximately 1300 people with 278 partners. The hackers sent their first ransom on April 30.

Meanwhile, the OAIC is investigating the hacking of Latitude Financial Group in March, which has affected approximately 14 million customers. The OAIC has also been involved in the response to the hacking of Medicare and Optus, according to The Australian.

AlphV Hacking Group Targets Australian Organisations

According to the Australian Cyber Security Centre (ACSC), AlphV affiliates have successfully deployed ransomware on corporate systems in a variety of countries and sectors, including in Australia.

In February 2022, AlphV affiliates compromised a German oil storage operator and an energy distributor.

“The ACSC is aware of ALPHV targeting government and critical infrastructure organisations, as well as the energy, finance, construction and other sectors,” the ACSC said.

“The ALPHV operators claim to exclude the use of the ransomware in attacks on healthcare and charitable organisations.”

According to a November 2022 report, the ASCS received over 76,000 cybercrime reports, equating to one report every seven minutes.
Henry Jom
Henry Jom
Author
Henry Jom is a reporter for The Epoch Times, Australia, covering a range of topics, including medicolegal, health, political, and business-related issues. He has a background in the rehabilitation sciences and is currently completing a postgraduate degree in law. Henry can be contacted at [email protected]
twitter
Related Topics