Australia’s four major banks have confirmed that they are among the companies whose data is affected by a recent ransomware attack on law firm HWL Ebsworth (HWLE).
Back in April, an online hacker group based in Russia, going by the name of BlackCat, gained access to the servers of Melbourne law firm HWLE and stole four terabytes of personal information.
HWLE has hundreds of high-profile clients, including banks and a number of government institutions such as the National Disability Insurance Scheme (NDIS).
Among the data accessed were local and remote company credentials, credit card information and loans data, customer documentation including identification details, insurance agreements, and internal company data.
The hackers are reportedly demanding a $5 million ransom for the information, which HWLE has so far refused to pay. In response, some of that data has already been published on the dark web.
Now it’s been confirmed that all four of Australia’s major banks – ANZ, Westpac, the National Australia Bank (NAB) and Commonwealth Bank Australia (CBA) – are among the affected HWLE clients.
For now, the banks are saying that none of their core systems have been compromised, but that personal client information has been accessed and they will be notifying any affected clients.
Westpac says it is aware of the breach and has been liaising with HWLE, but that Westpac systems remain unaffected.
ANZ said it was also aware of the HWL Ebsworth cyber incident.
“ANZ’s systems have not been impacted,” the company says in its statement.
“ANZ is a client of HWLE for some legal matters. We are working with HWLE and others to understand and address the potential exposure, and we will directly contact those employees and customers who may have been impacted and need to be notified.”
NAB also looked to reassure its customers that its internal systems had not been accessed.
“We are aware that HWL Ebsworth, a law firm engaged by NAB for some legal services, has been impacted by a cyber attack,” NAB says.
“NAB’s systems were not impacted and remain secure. We are working with HWLE as they continue to get more information in relation to the content of these matters.”
The attack is just the latest in a long line of sophisticated ransomware attacks carried out in recent times, including the widely publicised attacks on the Medibank and Optus databases.
Professor Monica Whitty, head of the department of software systems and cybersecurity at Monash University, says companies need to be more forthcoming with information when they are subject to attacks such as these.
“If a data breach is confirmed, the customers affected and the general public deserves to know more about what has happened to their personal data and what protections were not in place to provide opportunities for criminals to access data,” she says.
Prof. Whitty says members of the public are often at a loss as to what to do next when their personal data is compromised and that both business and government have a role to play in informing the public.
“Customers also need to understand what to do next to protect themselves as a consequence of a potential breach,” she says.
“For example, if their identity has been compromised, there needs to be an explanation regarding how customers’ data might be used in identity fraud and other scams. In addition, they need to be taught what to look out for and what actions they need to undertake to remain safe.”
Do you think companies need to do more to protect your personal info? Who is ultimately responsible when a data breach like this occurs? Let us know what you think in the comments section below.