IT Services provider HWL Ebsworth has confirmed that their network was hacked by the ALPHV ransomware group, who have claimed to have stolen data from the firm. HWL Ebsworth is one of the largest law firms in Australia with an annual revenue of hundreds of millions of dollars. The firm employs over 2,000 people and operates nine offices across the country. The ALPHV ransomware group, also known as BlackCat, has published 1.45 terabytes of data allegedly stolen from HWL Ebsworth in April 2023, threatening to leak more if their demands are not met.

HWL Ebsworth listed on BlackCat's extortion portal
HWL Ebsworth listed on BlackCat’s extortion portal (source)

Despite the threat, a spokesperson for the firm has stated that they will not give in to the demands of the extortionist group, even if it means that they and their clients will suffer the consequences of a data leak. The spokesperson added that they take their ethical and moral responsibilities very seriously and will not condone criminal activity that involves extorting money by taking and threatening to publish other people’s data. The privacy and security of the client and employee data remains their utmost priority, and they are closely communicating with their clients.

Given that HWL Ebsworth had business with the public sector, there are concerns that the leaked documents may contain sensitive or confidential information relating to matters of the state. According to ABC, ANZ banking group, South Australian, Queensland, and ACT governments, Environment and Human Services Department, and the Australian Taxation Office (ATO) are some of the current or former clients of HWL Ebsworth, potentially impacted by this incident.

Unfortunately, the leaked documents on BlackCat’s site are easily accessible as the threat group’s indexed database allows visitors to filter search results by filename or file type. Bleeping Computer has contacted HWL Ebsworth to comment on the status of its operations and the progress of its internal investigation on the validity of the leaked data, but they have yet to respond.

One Comment

Leave a Reply

Your email address will not be published. Required fields are marked *