HWL Ebsworth
| Primary URL | Location | Industry | hwe[.]com[.]au |
Country
Australia
|
Commercial
|
|---|
Profile
HWL Ebsworth is an Australian commercial law firm that also operates under the alias Ebsworth & Ebsworth. The firm provides legal services to clients, focusing on commercial matters within the professional and legal services sector. It offers counsel and representation to corporate and individual clients seeking assistance with business-related legal issues. As a law firm based in Australia, its headquarters are located in the country.
The organisation distinguishes itself as a commercial law firm, positioning itself within the broader professional and legal services industry. Its notable competencies include handling sensitive client information and managing responses to cybersecurity incidents, as demonstrated by its engagement of third‑party experts and notification of the Australian Cyber Security Centre following alleged breaches. The firm’s profile as a custodian of confidential legal and financial data makes it a relevant target for threat actors seeking valuable information. These attributes reflect its role in providing trusted legal advice while safeguarding client data.
No explicit details about the firm’s ownership structure, parent company, or subsidiary relationships are provided in the source material. Consequently, any description of its corporate hierarchy would be speculative and is omitted here.
On 28 April 2023, the Russian‑linked ransomware group ALPHV/Blackcat claimed to have compromised HWL Ebsworth, asserting that it exfiltrated approximately four terabytes of data including client documentation, employee personal information, financial reports and a complete network map. A similar claim was made by the same group on 31 March 2023, alleging the exfiltration of about four terabytes of sensitive internal files, employee data and confidential client documents such as financial reports and credentials. In response to these allegations, the firm engaged third‑party cybersecurity experts and notified the Australian Cyber Security Centre to investigate the claims. The organisation stated that its operations were not impacted and that no signs of ongoing system access or encryption were detected. These incidents highlight the cybersecurity risks faced by legal practices that hold substantial volumes of confidential information.
