Fair Work Ombudsman, Queenland government caught up in HWL Ebsworth breach
HWL Ebsworth, a national law firm, reported a data breach and possible dark web disclosure on May 8, 2023.
In a statement, Fair Work Ombudsman said HWL Ebsworth's breach included some Fair Work Ombudsman files. The cyber incident did not affect our systems.
“HWL Ebsworth and we are prioritising data breach notification. They'll get help. The Department of Home Affairs is investigating the breach, which exposed personal and Australian Government data,” Agency said.
The agency added that HWL Ebsworth is helping us identify our disclosed data. “
“We take our Privacy Act 1988 obligations seriously and are committed to implementing appropriate systems to protect personal information.” Agnecy disclosed.
Last week, CISO David Cullen said "several Victorian government departments and agencies" had data related to their work with the firm exposed.
Meanwhile, The Queensland Government is aware of a cyber incident and data breach impacting law firm HWL Ebsworth.
In a statement, the Queensland Government is working with HWL Ebsworth and relevant Commonwealth agencies as the extent of the breach is investigated, including impacts to government information. This includes work to understand and manage potential consequences of the theft and publication of the data, and to ensure that all notifications are made to affected parties where required.
The HWL Ebsworth supply chain attack is Australia's new national cyber security coordinator's first priority.
Air Marshal Darren Goldie, appointed national cyber security coordinator in June, said his first order of business was to seek briefings from the Department of Home Affairs and HWL Ebsworth on the cyber incident response.
On Friday, April 28, 2023, HWL EBsworth became aware that a threat actor identified as ALPHV/BlackCat made a post on a dark web forum claiming to have exfiltrated data from HWL Ebsworth.
Upon becoming aware of this threat, HWL Ebsworth immediately engaged McGrathNicol to investigate the incident and undertake containment and remediation actions.
The investigation indicates the threat actor had accessed and exfiltrated certain information on a confined part of the firm’s system, but not on our core document management system.
On June 9, 2023, HWBL Ebswirth became aware that the threat actor had published on their dark web forum at least some of the data they claimed to have taken.
Have you got a news tip for our journalists? Share it with us anonymously here.
Send press releases to newsdesk@redwires.au. Other ways to contact us. Editorially, we may rewrite headlines and descriptions.
Recommend Redwires AU: Accessible News For Young Cybersecurity Aussies
Redwires AU provides Young Australians with easily accessible, curated cybersecurity news.
Before you go..
You can get RedWires AU for free right now. Your donation, no matter how big or small, will help us keep doing honest journalism.
The readers of Redwires AU are the engine that drives our publication. Add your support to the effort to create a sustainable future for journalism that does not make compromises in the AU.
In the world we live in now, accurate and thorough reporting and analysis are becoming more and more critical. To stop the spread of false information, it's essential that everyone in Australia has access to good reporting.
The Redwires AU contributes to society by opening up access to information and resources for all people, rather than just a select few.
Our only goal is to educate the general public more thoroughly. If you believe in what we're trying to accomplish here, please consider making a contribution right away to ensure our success in the years to come.
Upgrade your subscription to get the most out of it. Join the growing number of people around the world who believe in the power of independent media.