The internal networks of HWL Ebsworth, one of Australia’s largest law firms, were compromised by the ALPHV/BlackCat extortion gang, who claimed to have stolen data from an Australian company. The gang has already published 1.45 data containing over a million documents, supposedly taken from HWL Ebsworth’s systems in April of this year. The group has warned the firm that more information will be leaked if their demands are not met.
Although the law firm is yet to provide specific details, it confirmed that its systems had been breached to local media. The ramifications of such an extensive data leak could be severe, given that the firm’s clients include several major Australian government departments and the ANZ banking group. Despite the stakes, HWL Ebsworth has refused to negotiate with the extortion gang, citing ethical and moral reasons for taking a stand.
“We believe that we have a fundamental civil duty in no case to encourage criminal extortion activities,” said a company representative in an interview with ABC. “The confidentiality and safety of data of our customers as well as our employees is still of paramount importance. We recognize and understand what influence this can have, closely communicate with clients, and therefore stand firm in our stance.”
The extortion group’s tactics reflect a trend among cybercriminals to target ‘company-hubs’ capable of yielding sensitive or confidential information from multiple victim organizations, rather than attacking individual firms. This approach can be more effective for blackmail purposes, as the group can target all of the victims simultaneously. Numerous similar attacks have taken place recently, including several successful malicious operations by the Clop extortion group against MFTs like Accental FTA, Fortra Goanywhere, and Moveit Transfer.