Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

HWL Ebsworth secures court order to prevent hackers releasing stolen info

Following the Russian cyber attack on its systems that led to third-party data being released, Australian law firm HWL Ebsworth (HWLE) has successfully secured an NSW Supreme Court injunction that will prevent hackers from publishing any stolen data.

user icon Daniel Croft
Wed, 14 Jun 2023
HWL Ebsworth secures court order to prevent hackers releasing stolen info
expand image

HWLE was targeted by the ALPHV (also known as BlackCat) ransomware gang earlier in the year, with the hacking group revealing that it had stolen four terabytes of data when it gained access to a staff member’s personal computer on 30 April.

Late last week, the hackers claimed to have published some of that data on its dark web leak site.

Now, the Aussie law firm has revealed that it has obtained an injunction from the NSW Supreme Court which will aim to bar anyone from unveiling, promoting or using any of the stolen information outside of obtaining legal counsel. The hackers will also be required to take down the data.

============
============

While the primary target for this was the ALPHV hackers, the injunction will also have the effect of preventing media or any other parties from reporting details of the stolen data.

HWL Ebsworth revealed to media this week it believed securing the stolen data was in public interest, meaning any party who published or reported the data would be doing so against the interest of the public, adding that it believed doing so would be in contempt of court.

However, some cyber security experts have said the injunction is likely to prove ineffective in preventing hackers from publishing the data.

Brett Callow, ransomware researcher for New Zealand security firm Emsisoft, said this defensive strategy has been used before and could have the opposite effect.

“New Zealand’s Waikato District Health Board and the Irish Health Service Executive are among the other organisations to have taken similar courses of action, and it’s a somewhat risky strategy," he told New Zealand publication ITWire.

On the one hand, the injunction may dissuade casual looky-loos from accessing the data and also stop reporters from using it as the basis for stories.

On the other hand, it’s unlikely to stop ALPHV from releasing the data and may actually provoke them into releasing it more quickly or distributing it more widely than they otherwise would.”

Callow named a specific instance in the US where obtaining an injunction led to data being released faster and with more malicious intent behind it.

When US company Southwire obtained injunctions against the Maze ransomware group and its web host, Maze started to release the data on a Russian cyber crime forum with a note inviting people to ‘Use this information in any nefarious ways that you want’.”

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.