Suspicious Email Scam Again? (HWL Ebsworth Data Breach)

Just received an email about I was being scammed so sick of these so just deleted it, anyone else got something from fake lawyers?

Don't know who these guys are never heard of them and never sign up with them, how are these guys even finding my complete detail just boggles me.

HWL Ebsworth Cyber Security Incident
Image
Thursday, 21 March 2024
PRIVATE & CONFIDENTIAL
Dear ***

Cyber Security Incident
We are writing to inform you of a data breach experienced by HWL Ebsworth Lawyers (HWLE), which has impacted your personal information. We deeply regret that this has occurred and extend our sincere apologies to you.

HWLE is a law firm which has provided legal services to a broad range of organisations, including The Star Entertainment Group Limited (The Star), other ASX-listed companies and government departments and agencies.

We hold some of your personal information in connection with our provision of legal services to The Star.

HWLE was the victim of a cyber-attack in April 2023 which HWLE became aware of on 28 April 2023. This attack involved unauthorised access to a portion of HWLE's IT environment.

Unfortunately, the incident involved the theft of client data from HWLE’s systems, including data relating to The Star. Some of your personal information was taken as a result.

The Star's own systems were not and have not been impacted by this incident.

This letter outlines the particular types of personal information involved, the steps taken to date by HWLE and the steps that you can take to reduce the potential impact on your information.

Impacted personal information
The following types of your personal information were identified as having likely been extracted from HWLE's network:

D.O.B., Address, Phone Number, Driver Licence Number, Other Identity Credential

What actions has HWLE taken?
Once aware of the incident, we worked urgently to contain the threat and investigate what occurred. HWLE also engaged external cyber security experts to assist with our response to the incident and we are working with these experts to ensure the ongoing safety and security of our systems.

When a portion of the data was published to the dark web, HWLE secured an injunction from the NSW Supreme Court which prohibits further access to, use, dissemination or publishing of the data disclosed on the dark web, including by the media. We note that the dark web leak site on which a portion of the data was published was accessible for less than three weeks, following which it was removed, and the dark web leak site remains inaccessible.

HWLE has reported the incident to and continues to work closely with the Australian Cyber Security Centre (ACSC), the Office of the Australian Information Commissioner (OAIC) as well as relevant government agencies and law enforcement authorities.

HWLE is also liaising with the Australian Taxation Office and Services Australia with respect to impacted information that those agencies are responsible for.

Why am I being notified now?
HWLE appreciates it has taken some time for individuals to be notified since the incident was discovered. This is because a very large volume of data was extracted but the extent of the impact to personal information was not immediately apparent. A complex and comprehensive manual review was needed to assess what personal information was involved and to identify affected persons.

What can impacted individuals do?
HWLE recommends individuals take the following steps to reduce the risk of harm associated with access to their personal information:

Remain alert to increased scam activity, especially email and SMS or telephone phishing scams (ie, fraudulent communications disguised as if to look like they come from an organisation you trust). In particular, any such scam activity purporting to come from HWLE.
Do not click on any suspicious links or provide your passwords or any personal information. Always refuse any unprompted request from an individual to access to your computer even if they say they are from a credible organisation.
Enable multi-factor authentication for your accounts where possible.
Consider changing your online account passwords. The Australian Cyber Security Centre provides guidance around good password practices: https://www.cyber.gov.au/protect-yourself
Install up-to-date anti-virus software on any device you use to access your online accounts; and
To monitor your financial records, you can apply for an annual free credit report or credit report ban from each of the consumer credit reporting agencies below:
Equifax: https://www.equifax.com.au/personal/products/credit-and-iden…
Illion: https://www.creditcheck.illion.com.au/; and
Experian: http://www.experian.com.au/consumer-reports
Where we have confirmed that your core identity information has been impacted (driver’s licence, tax file number, passport, birth certificate) HWLE is also willing to offer to you the option of taking out Equifax Protect, a credit and identity monitoring service that helps reduce the risk of financial loss, available for 12-months on request. This subscription includes alerts for changes to your credit reporting, monthly credit reports and score tracking. Please contact us at [email protected] to check your eligibility for this subscription and, if applicable, we will make necessary arrangements.
HWLE will reimburse individuals for the cost of replacing driver's licences or passports where such documents have been impacted by the incident and the relevant advice is to replace that document. Please contact HWLE directly on [email protected] to confirm your eligibility for reimbursement.
Further information on online safety, cyber security and helpful tips to protect yourself and respond to scams, identity theft and other online risks, can be found at the following government agency websites:

https://www.oaic.gov.au/privacy/your-privacy-rights/ways-to-…
https://www.cyber.gov.au/threats
https://www.scamwatch.gov.au/
IDCARE
If you need further assistance beyond the above recommendations, we are making available to you the services of IDCARE, Australia’s national identity and cyber support community service. HWLE has partnered with IDCARE specifically for the purpose of providing impacted individuals with tailored and specific advice, beyond the general advice that is ordinarily available to members of the public.

IDCARE have expert Case Managers who can work with you in addressing concerns in relation to personal information risks and any instances where you think your information may have been misused. IDCARE’s services are at no cost to you.

If you wish to speak with one of IDCARE's expert Case Managers please complete an online Get Help form at www.idcare.org or call 1800 595160. Note IDCARE specialist Case Managers are available from 9am-6pm AEDT Monday to Friday excluding public holidays. When engaging IDCARE please use the referral code HWLEBS23.

Conclusion
We acknowledge and understand that it may be upsetting to learn that some of your personal information has been illegally accessed as a result of a data breach. If you are experiencing any distress, we recommend that you seek health advice from a registered health professional you know and trust.

HWLE regrets that this incident has occurred and has resulted in some of your personal information having been illegally accessed. Once again, we would like to sincerely apologise for any concern or inconvenience this may cause you.

If you would like any more information about this incident, please contact HWLE at [email protected] or 1800 371 221.

Yours faithfully

HWL Ebsworth Lawyers