A state government body is confirmed to be one of the clients whose data has been compromised in the cyber hacking incident of national law firm HWL Ebsworth.
A state government body is confirmed to be one of the clients whose data has been compromised in the cyber hacking incident of national law firm HWL Ebsworth.
The Insurance Commission of Western Australia today confirmed to Business News that HWL Ebsworth Lawyers (HWLE) provided it legal services.
Owned by the WA government, the Insurance Commission of WA is a statutory corporation and the sole compulsory third party insurer for motor vehicle personal injuries in the state.
The Insurance Commission of WA was advised that there had been an incident involving a third-party independent legal services provider relating to more than 300 motor injury insurance claims.
It confirmed HWLE provides advice, negotiates and defends actions through litigation on insurance claims.
"The Insurance Commission was subsequently advised that data held by HWLE had been compromised as part of the cyber-attack," the ICWA said in a statement.
"The details of the data that has been accessed are not yet known and these are part of a live investigation the Insurance Commission is actively supporting.
"As HWLE is engaged by federal and state governments across Australia, the Commonwealth Department of Home Affairs is leading the response to this incident, and the Western Australian government is participating as part of a cross jurisdictional working group established by the Department of Home Affairs."
ICWA chief executive Rod Whithear said the incident was concerning and the commission would continue to work with all parties to investigate the extent of the incident.
“A NSW court order currently prohibits access to the leaked HWLE data," he said.
"We understand a consent regime is being implemented that will allow the Insurance Commission to assess the data that may have been exfiltrated.
"We’re committed to supporting any claimants who may be impacted by this incident.”
In May, HWL Ebsworth Lawyers reported a cyber-incident after a threat actor identifying as ALPHV/BlackCat made an online post claiming to have exfiltrated the law firm’s data.
ALPHV or BlackCat ransomware is a program associated with Russian-speaking cybercrime actors.
“Upon becoming aware of this threat, HWL Ebsworth immediately engaged McGrathNicol to investigate the incident and undertake containment and remediation actions,” HWLE said in a statement.
“The investigation indicates the threat actor had accessed and exfiltrated certain information on a confined part of the firm’s system, but not on our core document management system.
“On 9 June 2023, we became aware that the threat actor had published on their dark web forum at least some of the data they claim to have taken.”
