A prominent Australian law firm is investigating claims hackers have published data taken from the company on the dark web.
HWL Ebsworth, which has clients at either commercial or government level in every state or territory, on Friday said it had learned of the data release.
“Cyber criminals who accessed our systems have now claimed to have published around one third of the total data they say has been exfiltrated from our firm,” a company spokesman said.
“We are investigating this claim and are seeking to identify what data may have been published.”
It was reported in May by the Australian Financial Review that hackers claimed to have obtained client information and employee data from HWL Ebsworth.
The Tasmanian government said it had been contacted by the federal government about an “illegal release” of HWL Ebsworth data on the dark web.
Minister for Science and Technology Madeleine Ogilvie said there was a nationally co-ordinated approach to investigating the impacts of the incident.
“This is concerning and we are working closely with the Australian government to establish if any Tasmanian information has been impacted,” she said.
“While this may take some time considering the volume of data involved – we are taking swift action and will keep the Tasmanian community informed with further developments.”
HWL Ebsworth has said it will not submit to the hacker’s ransom demand.
“We take our ethical and moral duties to the community very seriously,” the firm’s spokesman said.
“We consider we have a fundamental civic duty to not, in any way, encourage or be seen to condone the criminal activity of extorting money by taking and threatening the publishing of other people’s data.
“The privacy and security of our client and employee data remains of the utmost importance.
“We acknowledge and understand the impact this may have, and we are communicating closely with our clients.”
The firm says it is working with the Australian Cyber Security Centre, the Office of the Australian Information Commissioner and relevant government authorities and law enforcement.
A spokesman for federal Cyber Security Minister Clare O’Neil was unable to provide comment.
Tasmania’s government was caught up in a separate data breach earlier this year in which 16,000 state education department documents were released onto the dark web after a third-party file transfer service was hacked.