Armidale based government agency the Australian Pesticides and Veterinary Medicines Authority (APVMA) has confirmed that they are one of the 65 government agencies affected by a data breach at law firm HWL Ebsworth.
The sophisticated cyber attack was a ransomware attack using ALPHV – a Russian backed ransomware-as-a-service syndicate. The Federal Government’s cyber security experts worked with the law firm for four months to understand the extent of the breach and help manage the situation. It has been confirmed that sensitive personal and government information has been exposed, with some of it already circulating for sale on the dark web.
A spokesperson for the APVMA confirmed that HWL Ebsworth provides legal services to the agency and that some of their information was included in the breach, but, as is the case for all the affected agencies, the APVMA’s systems have not been compromised.
“On 9 June 2023, HWLE provided the APVMA with a list of documents that were included in the breach.”
“A second tranche of documents included in the breach was provided to the APVMA by HWLE on 1 August 2023,” the spokesperson said.
The APVMA did not answer questions about how many local current and former staff of the agency may have had their personal identity information included in the hack, but assured that affected individuals will be notified.
“The APVMA is reviewing the documents to identify those that contain personal information, and, consistent with the requirements under the Notifiable Data Breaches scheme, has and will continue to notify affected individuals where necessary.”
National cybersecurity co-ordinator, Air Marshall Darren Goldie, had allowed the law firm to notify people affected personally at a slower than usual rate because those affected included NDIS providers and recipients.
“I stress that there are still some affected people who have not been informed,” Air Marshall Goldie said.
HWLE has defended on paying the ransom, and admitted that core personal information about individuals was included in the attack. Of the 2.5 million documents stolen, around 1 million were already circulating on the dark web.
“Where we have confirmed that core identity information has been impacted – drivers licence, passport, birth certificate details, for instance – we have offered Equifax Protect, a credit and identity monitoring service that helps reduce the risk of financial loss. HWLE has also partnered with IDCARE to provide impacted individuals with tailored and specific advice at no cost,” their website notice about the breach says.
Like what you’re reading? Support The New England Times by making a small donation today and help us keep delivering local news paywall-free. Donate now