The federal Fair Work Ombudsman is the latest Australian government agency to disclose some exposure to the May data breach experienced by law firm HWL Ebsworth.
In a statement yesterday, the Ombudsman said that documents “relating to a limited number of our files were included in the breach”.
“We’re working with HWL Ebsworth to ensure individuals affected by the data breach are notified as a priority,” the agency said.
“Support and assistance will be provided to these individuals.
“We’re also working with HWL Ebsworth to understand what information of ours may have been disclosed.”
The Ombudsman’s disclosure came after a series of state governments declared some impact over the past week.
The Victorian government’s exposure to the data breach was widely reported at the end of last week, with CISO David Cullen saying “several Victorian government departments and agencies” had data relating to their work with the firm exposed.
“HWL Ebsworth is in direct contact with impacted departments and agencies to provide advice on the specific information that has been exposed,” Cullen said.
Where that information relates to members of the Victorian community, departments and agencies will make direct contact with those impacted as soon as possible to provide tailored advice and support.”
Cullen added that the state had “sought assurances from HWL Ebsworth on the cyber security protections applied to Victorian government data.”
The Queensland state government said on July 7 it was trying to ascertain its own potential exposure.
“The Queensland government is working with HWL Ebsworth and relevant Commonwealth agencies as the extent of the breach is investigated, including impacts to government information,” it said in a brief statement.
“This includes work to understand and manage potential consequences of the theft and publication of the data, and to ensure that all notifications are made to affected parties where required.”
Meanwhile, The Advertiser newspaper reported over the weekend that a small number of people had received notifications from the South Australian government relating to exposure to the incident.
HWL Ebsworth said in a statement at the end of last week that “methodical and detailed” forensic examination of the breached data continues.
“As we contend with the scale and complexity of this challenge, our priority is to ensure that we properly review the data and inform those impacted as swiftly as we can,” the law firm said.
“This is not a simple or quick task.
“The data set is large and unstructured and includes a complex mix of different types of documents and information, affecting many different stakeholders.
“We continue to be cognisant that clients and other potentially impacted individuals and parties will be concerned to understand what data of theirs is impacted, but given this complexity, it is important to emphasise just how large the overall task is.”
It’s been reported that more than 40 government agencies may have had their dealings with the law firm exposed.
About Author
