NOTICE
A Third Party (HWL Ebsworth Lawyers) Cyber Security Incident
HWL Ebsworth Lawyers (HWLE) was the victim of a cyber-attack in April 2023 which it became aware of on 28 April 2023. HWLE is a law firm which has provided legal services to The Star Entertainment Group Limited (The Star) and held personal information relating to The Star in connection with those services.
The attack on HWLE involved unauthorised access to a portion of HWLE's IT environment and the theft of client data from HWLE’s systems. Personal information relating to some patrons and employees of The Star was taken as a result, as were details for other clients of HWLE.
The Star's own systems were not and have not been impacted by this incident. HWLE deeply regrets that this has occurred and extends its sincere apologies to affected individuals. You can find more information from HWLE at the following link: https://hwlebsworth.com.au/cyber-incident/.
HWLE and The Star are providing notifications directly to individuals who have been identified as requiring notification and where contact details are held for those individuals. If you have received a notification directly from HWLE or The Star, please refer to that notification which sets out the types of information in relation to you that have been impacted.
In a limited number of cases, The Star and HWLE have been unable to ascertain accurate contact details to notify individuals directly. This notice is provided for individuals where direct notification is not possible.
The following types of personal information were extracted from HWLE's network: names, dates of birth, email addresses, physical addresses and phone numbers; employment information; identity credentials; physical signatures; sensitive information; driver licence numbers and scans; passport scans; credit card details; Medicare card scans; Centrelink or Concession Card Numbers; Medicare numbers; health/medical information; superannuation account details; bank account details; insurance information; and financial information.
Not all of these types of personal information were present for each individual. This list is provided as a guide for the range of possible impacted personal information.
Once aware of the incident, HWLE worked urgently to contain the threat and investigate what occurred. HWLE also engaged external cyber security experts to assist with its response to the incident and it is working with these experts to ensure the ongoing safety and security of its systems.
When a portion of the data was published to the dark web, HWLE secured an injunction from the NSW Supreme Court which prohibits further access to, use, dissemination or publishing of the data disclosed on the dark web, including by the media. The dark web leak site on which a portion of the data was published was accessible for less than three weeks, following which the dark web leak site was removed.
HWLE has reported the incident to and continues to work closely with the Australian Cyber Security Centre (ACSC), the Office of the Australian Information Commissioner (OAIC) as well as relevant government agencies and law enforcement authorities.
HWLE is also liaising with the Australian Taxation Office and Services Australia with respect to impacted information that those agencies are responsible for.
HWLE recommends individuals take the following steps to reduce the risk of harm associated with access to their personal information:
1. Remain alert to increased scam activity, especially email and SMS or telephone phishing scams (i.e., fraudulent communications disguised as if to look like they come from an organisation you trust). In particular, any such scam activity purporting to come from HWLE or The Star.
2. Do not click on any suspicious links or provide your passwords or any personal information. Always refuse any unprompted request from an individual to access to your computer even if they say they are from a credible organisation.
3. Enable multi-factor authentication for your accounts where possible.
4. Consider changing your online account passwords. The Australian Cyber Security Centre provides guidance around good password practices: https://www.cyber.gov.au/protect-yourself
a. Install up-to-date anti-virus software on any device you use to access your online accounts; and
b. To monitor your financial records, you can apply for an annual free credit report or credit report ban from each of the consumer credit reporting agencies below:
i. Equifax: https://www.equifax.com.au/personal/products/credit- and-identity-products;
ii. Illion: https://www.creditcheck.illion.com.au/; and
iii. Experian: http://www.experian.com.au/consumer-reports
5. Where HWLE has confirmed core identity information has been impacted (driver’s licence, tax file number, passport, birth certificate) HWLE is offering those individuals the option of taking out Equifax Protect, a credit and identity monitoring service that helps reduce the risk of financial loss, available for 12-months on request. This subscription includes alerts for changes to credit reporting, monthly credit reports and score tracking. Please contact HWLE at cyberhelp@hwle.com.au to check your eligibility for this subscription and, if applicable, HWLE will make necessary arrangements.
6. HWLE will reimburse individuals for the cost of replacing driver’s licences or passports where such documents have been impacted by the incident and the relevant advice is to replace that document. Please contact HWLE directly on cyberhelp@hwle.com.au to confirm your eligibility for reimbursement.
Further information on online safety, cyber security and helpful tips to protect yourself and respond to scams, identity theft and other online risks, can be found at the following government agency websites:
If you need further assistance beyond the above recommendations, HWLE is making available to impacted individuals the services of IDCARE, Australia’s national identity and cyber support community service. HWLE has partnered with IDCARE specifically for the purpose of providing impacted individuals with tailored and specific advice, beyond the general advice that is ordinarily available to members of the public.
IDCARE have expert Case Managers who can work with impacted individuals in addressing concerns in relation to personal information risks and any instances where information may have been misused. IDCARE’s services are at no cost to impacted individuals.
If you wish to speak with one of IDCARE's expert Case Managers please complete an online Get Help form at www.idcare.org or call 1800 595160. Note IDCARE specialist Case Managers are available from 9am-6pm AEDT Monday to Friday excluding public holidays.