Share this article on:
Breaking news and updates daily. Subscribe to our Newsletter
Major Aussie law firm HWL Ebsworth is the latest Australian organisation to suffer at the hands of a potential ransomware attack, after a Russian hacking group claimed to have accessed its systems and stolen a large chunk of data.
In a post on its website, the Russian-backed ALPHV ransomware group behind the BlackCat hacking operation revealed that it had stolen four terabytes of data from the Aussie law firm, including employee personal data covering IDs, accounting data, loan data, insurance data and CVs.
In addition, ALPHV claimed to have stolen a stockpile of client data, including credit card information, financial data and load data, as well as a range of internal company files and network mapping and credentials.
#Australia ?? - ALPHV ransomware group has announced HWL Ebsworth, a commercial law firm, on the victim list
The group claims to have 4 TB data including internal company data, clients documentation, complete network map, and more.#DarkWeb #ransomware pic.twitter.com/m8HzFJWC3v— Daily Dark Web (@DailyDarkWeb) April 28, 2023
ALPHV, which runs as a ransomware-as-a-service business model, has been active since late 2021 and, according to Palo Alto Networks, is one of the top three ransomware groups targeting Australia, having previously hit major organisations such as LJ Hooker.
The group infiltrates company networks in a number of ways, such as exploiting vulnerabilities and drawing in victims with emails and Google ads containing malicious software.
While ALPHV’s claims are yet to be verified, HWL Ebsworth has reportedly reported the incident to the Australian Cyber Security Centre (ACSC), as legally required under the Security of Critical Infrastructure Act 2018.
HWL Ebsworth is considered one of Australia’s leading national law firms and has offices in every one of Australia’s states and territories. Cyber Security Connect has reached out to the group requesting comment on the incident.
Alongside HWL Ebsworth, ALPHV has claimed responsibility for a number of major breaches, including a recent attack on computer hardware manufacturer Western Digital.
Claiming to have stolen 10 terabytes, the ransomware group is now mocking the organisation’s initial response to the alleged breach, having posted screenshots and videos showing its actions responding to the attack and suggesting it still has access to its systems.
Western Digital is currently not negotiating ransom with ALPHV. It also denied requests for comment on the recent screenshots.
Comments powered by CComment