Australia’s four major banks have confirmed that they are among the companies whose data is affected by a recent ransomware attack on law firm HWL Ebsworth (HWLE).
Back in April, an online hacker group based in Russia, going by the name of BlackCat, gained access to the servers of Melbourne law firm HWLE and stole four terabytes of personal information.
HWLE has hundreds of high-profile clients, including banks and a number of government institutions such as the National Disability Insurance Scheme (NDIS).
Among the data accessed were local and remote company credentials, credit card information and loans data, customer documentation including identification details, insurance agreements, and internal company data.
The hackers are reportedly demanding a $5 million ransom for the information, which HWLE has so far refused to pay. In response, some of that data has already been published on the dark web.
Now it’s been confirmed that all four of Australia’s major banks – ANZ, Westpac, the National Australia Bank (NAB) and Commonwealth Bank Australia (CBA) – are among the affected HWLE clients.
For now, the banks are saying that none of their core systems have been compromised, but that personal client information has been accessed and they will be notifying any affected clients.
Westpac says it is aware of the breach and has been liaising with HWLE, but that Westpac systems remain unaffected.
ANZ said it was also aware of the HWL Ebsworth cyber incident.
“ANZ’s systems have not been impacted,” the company says in its statement.
“ANZ is a client of HWLE for some legal matters. We are working with HWLE and others to understand and address the potential exposure, and we will directly contact those employees and customers who may have been impacted and need to be notified.”
NAB also looked to reassure its customers that its internal systems had not been accessed.
“We are aware that HWL Ebsworth, a law firm engaged by NAB for some legal services, has been impacted by a cyber attack,” NAB says.
“NAB’s systems were not impacted and remain secure. We are working with HWLE as they continue to get more information in relation to the content of these matters.”
The attack is just the latest in a long line of sophisticated ransomware attacks carried out in recent times, including the widely publicised attacks on the Medibank and Optus databases.
Professor Monica Whitty, head of the department of software systems and cybersecurity at Monash University, says companies need to be more forthcoming with information when they are subject to attacks such as these.
“If a data breach is confirmed, the customers affected and the general public deserve to know more about what has happened to their personal data and what protections were not in place to provide opportunities for criminals to access data,” she says.
Prof. Whitty says members of the public are often at a loss as to what to do next when their personal data is compromised and that both business and government have a role to play in informing the public.
“Customers also need to understand what to do next to protect themselves as a consequence of a potential breach,” she says.
“For example, if their identity has been compromised, there needs to be an explanation regarding how customers’ data might be used in identity fraud and other scams. In addition, they need to be taught what to look out for and what actions they need to undertake to remain safe.”
Do you think companies need to do more to protect your personal info? Who is ultimately responsible when a data breach like this occurs? Let us know what you think in the comments section below.
The people responsible are the Russians. Do not pay a ransom. Surely acting quickly by notifying customers to change their login details will reduce the impact of a data breach.
I am gobsmacked by the ‘I’m sorry about that’ attitude of the companies breached by ransom attacks. This is not good enough! If they cannot keep our documents and personal information safe, they should not be allowed to demand it! I am tempted to move address, and get a new licence number, so that at least they won’t have access to everything about me anymore.
We have had all of our personal information breached by Latitude as a result of hackers. So far I have had three letters telling me to undertake copious amounts of work to try and protect myself, and one item told me to contact the people who determine if you are ok for loans and tell them NOT to lend you any money, this is OK if I don’t want any money, but what if I do??? I feel trapped and at the same time totally unable to look after myself, I mean if these big firms couldn’t what’s the chance of me? No one is talking about compensation, I’m over feeling scared to use my cards, to do any banking online, to basically function for normal shopping, how dare they crush my life like this through their own carelessness.
About time someone was held accountable, namely CEOs, directors and senior executives. If someone’s personal information has been compromised then the company should also foot the bill in total to ensure those people are informed, educated and more importantly new documents like driver’s licence, Medicare cards, phone numbers, email addresses etc etc are made available in quick time. Unfortunately you can’t change your name or DOB or residential address without big issues arising so forcing these companies to pay big compensation should also be on the cards.
Legislation isn’t good enough for these companies without massive financial penalties and criminal charges for even the smallest breach.
Any comments for Commonwealth Bank pls ???