Share this article on:
The Tasmanian government is reporting that the federal government has been in touch regarding a possible leak of government data on the dark web, linked to the hack of Australian law firm HWL Ebsworth early last month.
The Tasmanian government is one of the law firm’s clients. The government was aware of the initial hack but is only now being made aware that some of the firm’s information is being leaked online.
Madeleine Ogilvie, Minister for Science and Technology, announced the possible breach in a statement on 9 June.
“This is concerning, and we are working closely with the Australian government to establish if any Tasmanian information has been impacted,” Minister Ogilvie said.
“While this may take some time considering the volume of data involved — we are taking swift action and will keep the Tasmanian community informed with further developments.”
The Russian-backed ALPHV ransomware group claimed HWL Ebsworth’s scalp on 2 May, boasting on its dark web site that it had stolen employee data, including accounting details, insurance data, and more. The group also had in its possession an unknown amount of client data, which included credit card details and financial information, as well as network maps and credentials.
HWL Ebsworth subsequently reportedly reported the incident to the Australian Cyber Security Centre.
This is the second time this year that the Tasmanian government has faced a serious data breach relating to a third-party hack.
Personally identifiable information from the Tasmanian Department for Education, Children and Young People was compromised in April 2023, following on from a hack on Fortra’s GoAnywhere MFT cloud service, which occurred on 30 January of this year. That hack affected 130 organisations, and the Clop ransomware gang took credit for the original exploit.
Tasmania reported at the time that 16,000 individual documents were affected, including names and addresses, school details, children’s names, and some bank account details.