Over 60 Govt entities affected by HWL Ebsworth cyber attack

Commonwealth sounds alert on ‘vulnerable’ agencies as cyberattacks surge

A total of 65 Australian Government entities have been impacted by the fallout from a high-profile cyber-attack on HWL Ebsworth due to their being direct clients of the firm’s legal and consulting services, National Cyber Security Coordinator, Air Marshal Darren Goldie, revealed in a statement.

The cyber breach, which was reported in May this year, also affected “a large number of private sector clients”,  Goldie said.

He confirmed that a formal coordinated response from the Australian Government, which lasted for 16 weeks, to the cyber incident has now been concluded; HWL Ebsworth is now expected to manage its response without formal assistance from the Government.

At the same time, the firm will continue to work directly with affected Australian Government agencies and private sector entities on managing the consequences of the breach, and will continue to engage with the Office of the Australian Information Commissioner.

Commenting on the Government agencies affected by the cyber attack on the legal firm, the National Cyber Security Coordinator stressed that no agency clients of HWL Ebsworth suffered a cyber incident themselves.

“The attack on HWL Ebsworth provides important lessons for Government and industry and insight into how we can more effectively respond to and rebound from future cyber incidents,” Goldie said.

“I will now lead a thorough review with HWL Ebsworth and relevant stakeholders from the Australian Government, states and territories into lessons learned from the incident response. This review will further inform the way the Australian Government, states and territories deal with future attacks.”

Earlier this year, beginning in April, HWL Ebsworth alerted the Government to a cyber attack which involved ransomware and claims of data exfiltration, including the publication of the firm’s data to the dark web.