This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Law in Order

Law in Order, an Australian legal services firm, was hit by a ransomware attack in which hackers threatened to publish stolen client data if ransom demands were not met.

What Happened

Ransomware attackers compromised Law in Order's systems using double extortion tactics: encrypting data while also stealing sensitive legal case information and threatening its public release. The attack followed the modern ransomware pattern in which attackers exfiltrate data before encryption to create additional leverage.

Legal case data is particularly sensitive as it often includes confidential client communications protected by legal professional privilege, case strategies, witness information, and personal details of parties involved in legal matters.

Impact on Individuals

Clients of Law in Order faced severe risks if their legal case information was published. Legal files typically contain highly personal information about divorces, business disputes, criminal matters, family law cases, and commercial litigation. Public exposure could cause reputational damage, compromise legal strategies, and violate professional privilege.

Organisational Response

Law in Order engaged cybersecurity specialists and law enforcement. The firm faced a difficult decision: pay the ransom to prevent publication of client data, or maintain a no-ransom policy. The incident highlighted the particular vulnerability of legal firms holding highly sensitive privileged information and the devastating impact of data theft in the legal sector.

Verification Source: View original statement