Posted: 2023-06-13 08:13:52

A large Australian law firm, recently hit by a sensitive cyberattack, has obtained an injunction from the Supreme Court of NSW preventing hackers from disclosing its stolen information. The firm claims the order has a secondary effect of also preventing media from reporting any details from the data.

The attackers – a Russian-linked criminal gang known as BlackCat, or AlphV – claimed to have stolen extensive data from law firm HWL Ebsworth in April. Late last week, it claimed to have posted some of the data on the dark web. The gang claimed that four terabytes of data included confidential information about the firm’s clients and staff, as well as credit card and financial information.

A ransomware gang claims to have stolen a trove of data from HWL Ebsworth.

A ransomware gang claims to have stolen a trove of data from HWL Ebsworth.Credit: iStock

HWL Ebsworth’s present and past clients have included the federal, Tasmanian, Queensland, South Australian, and ACT governments, the Australian Taxation Office and ANZ bank.

On June 12, the firm was granted an order preventing the hackers from placing any more of the stolen data on the internet, publishing it, promoting links to it, or using it for any purpose other than obtaining legal advice. It also ordered that the attackers take the data down immediately.

The order also enables the law firm to serve the injunction on the hackers, using contact information provided in three emails demanding the payment of a ransom.

Loading

In a letter to media organisations on Tuesday, HWL Ebsworth said it was of the view that any organisation publishing the data would be in contempt of court, that its injunction was in the public interest, and that publication of the data could have unintended consequences against the public interest. The letter also revealed that the stolen data included the information of the firm’s own staff.

AlphV is believed by cybersecurity researchers to be made up of former members of the hacker groups DarkSide and BlackMatter, and has a reputation for attacking professional services companies.

Before the apparent publication of the stolen data, an HWL Ebsworth spokesman said it was working to verify what data may have been taken.

View More
  • 0 Comment(s)
Captcha Challenge
Reload Image
Type in the verification code above