Goodbye job applications, hello dream career
Seize control of your career and design the future you deserve with LW career

Tasmanian government reports possible data breach linked to alleged HWL Ebsworth hack

The Tasmanian government is reporting that the Commonwealth has been in touch regarding a possible leak of state government data on the dark web, linked to the alleged hack of BigLaw firm HWL Ebsworth early last month.

user iconDavid Hollingworth 14 June 2023 Big Law
expand image

Editor’s note: This story originally appeared on Lawyers Weekly’s sister brand, CyberSecurity Connect.

The Tasmanian government is one of the law firm’s clients. The government was aware of the initial hack but is only now being made aware that some of the firm’s information is being leaked online.

Madeleine Ogilvie, Minister for Science and Technology, announced the possible breach in a statement on 9 June.


“This is concerning, and we are working closely with the Australian government to establish if any Tasmanian information has been impacted,” Minister Ogilvie said.

“While this may take some time considering the volume of data involved — we are taking swift action and will keep the Tasmanian community informed with further developments.”

The Russian-backed ALPHV ransomware group allegedly claimed HWL Ebsworth’s scalp in early May, boasting on its dark web site that it had stolen employee data, including accounting details, insurance data, and more. The group also had in its possession an unknown amount of client data, which included credit card details and financial information, as well as network maps and credentials.

At the time, HWL Ebsworth notified the Australian Cyber Security Centre and said that it would continue to work with it throughout the course of the subsequent investigation.

This is the second time this year that the Tasmanian government has faced a serious data breach relating to a third-party hack.

Personally identifiable information from the Tasmanian Department for Education, Children and Young People was compromised in April 2023, following on from a hack on Fortra’s GoAnywhere MFT cloud service, which occurred on 30 January of this year. That hack affected 130 organisations, and the Clop ransomware gang took credit for the original exploit.

Tasmania reported at the time that 16,000 individual documents were affected, including names and addresses, school details, children’s names, and some bank account details.

You need to be a member to post comments. Become a member for free today!