Advertisement
Goodbye job applications, hello dream career
Seize control of your career and design the future you deserve with LW career
GET STARTED

Hackers threaten to leak data from legal services firm

Hackers from a cyber-crime collective have targeted a legal services firm and top-tiered clients in a ransomware attack, warning the firm to give into their demands within seven days or risk a leak of their ransomed data.

user iconNaomi Neilson 26 November 2020 SME Law
Hackers threaten to leak data from legal services firm
expand image

Legal services firm Law In Order confirmed that it had been the victim of a ransomware attack from an international cyber-crime group that has forced it to limit access to online networks and put a stop to its business operations. The firm was told it had seven days to respond to demand before more of its data is released on the dark web. 

You’re out of free articles for this month
Hacking group NetWalker has taken responsibility for the attack and has uploaded the demands and a snippet of what it claimed was the stolen data along with extracts from Law In Order’s website. From screenshots obtained on social media, the firm had just over six days to respond to the demands, starting Tuesday, 24 November. 

In an update released on the firms’ site – which is currently unstable as it manages the attack – it noted: “We are investigating the extent to which information contained in our system, including sensitive personal information, has been affected.

“At this stage, we have seen no evidence of data exfiltration nor anything that indicates Law In Order’s customers’ networks have been compromised,” it said.

Based on testimonials from the site, the legal services firm has clients from global and top-tiered firms as well as royal commissions. Signing off on several of the testimonials were staff from Slater and Gordon, Allen & Overy, HWL Ebsworth and Hall & Wilcox

According to online sources, NetWalker works by stealing data and leaking folders full of screenshots to “prove” it has the information. It then will threaten to release the rest of the data if demands aren’t met. During 2020, the hacking group has been known to use the pandemic against victims by tricking them into clicking on email attachments. 

Law In Order said it engaged cyber-security investigators and advisers to work with its IT team so it can understand the full scope of the incident before it brings its networks back online safely and quickly. The legal services firm is also working closely with the Australian Federal Police and with the Australian Cyber Security Centre. 

“We are making progress; however, it is important we do this methodically and safely, as we work to resume normal business operations,” the firm said.

Naomi Neilson

Naomi Neilson

Naomi Neilson is a senior journalist with a focus on court reporting for Lawyers Weekly. 

You can email Naomi at: This email address is being protected from spambots. You need JavaScript enabled to view it.

Tags
You need to be a member to post comments. Become a member for free today!